UwU Lend, a lending and liquidity protocol, has reportedly been targeted by an exploit amounting to $19.3 million.
A malicious hack recently targeted the decentralized lending platform. Reports from the blockchain security firm Arkham indicate that unknown perpetrators stole $19.3 million from the lending protocol.
UWU almost certainly hacked https://t.co/bvv0gDY4LQ pic.twitter.com/HsgIakHOgr
— Togbe (@Togbe0x) June 10, 2024
The incident highlights ongoing security vulnerabilities in the DeFi sector, raising concerns about the safety of digital assets on decentralized platforms.
The hack
The blockchain data indicates that the perpetrator transferred the stolen funds through multiple wallet addresses. According to a crypto user on the blockchain explorer Etherscan, the perpetrator utilized Curve LlamaLend as the “exit liquidity” for the attack.
On-chain data shows that one wallet siphoned a collection of tokens, including wrapped ether (WETH), wrapped bitcoin (WBTC) and stablecoins, before trading the majority of it out on Uniswap.
🚨ALERT🚨Hey @UwU_Lend, you are being attacked!So far address got around $14MMore update will follow!Please contact us to learn how to secure your digital assets!#CyversAlert pic.twitter.com/IND77hbTbH
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) June 10, 2024
UwU Lend claims to have never been hacked since its inception in 2022 but they posted on X stating that “The protocol was paused a little under an hour ago while the team investigates the situation. Please rest assured that we were made aware of the situation immediately and are taking all necessary steps, doing our best here. Stay tuned for further updates.”
UwU Lend is based on the open-source AAVE v2 codes and offers lending, borrowing, and staking services. Users receive 100% of platform revenues in the form of a token called UwU.