Penpie Protocol Hacked for $27.8M in Liquid-Restaking-Token (LRT) Assets

Decentralized finance (DeFi) protocol Penpie (@Penpiexyz_io) has suffered a major security breach, resulting in a loss of $27.8M.

The hack primarily targeted liquid-restaking-token (LRT) assets, including:

4,101 agETH ($10.27M)

2,723 wstETH ($7.87M)

2,695 rswETH ($6.76M)

2.52M sUSDe ($2.87M)

Transaction:

0x56e09abb35ff12271fdb38ff8a23e4d4a7396844426a94c4d3af2e8b7a0a2813

The hacker has already swapped most of the stolen assets for 11,109 ETH ($26.95M) and has begun laundering the funds, sending 1,000 ETH ($2.42M) to Tornado Cash.

Current Holdings:

10,114 ETH ($23.7M) in address 0x2f2

$844K worth of Pendle Finance's yield-tokens in address 0x7a2

This incident highlights ongoing vulnerabilities in the DeFi space and the risks associated with liquid-restaking tokens.