Curve Finance (CRV) Exploit Puts More Than $100M of Crypto at Risk

Curve, a stablecoin-focused decentralized exchange (DEX), was the victim of an exploit late Sunday according to a tweet from the project. Curve relies on smart contracts instead of middlemen to offer financial services such as stablecoin borrowing, trading and lending to users. Upwards of $100 million worth of cryptocurrency are at risk due to a “re-entrancy” bug in Vyper, a programming language used to power parts of the Curve system. Several stablecoin pools on the platform — used for pricing and liquidity on a number of different DeFi services — have been drained by hackers so far, though the amount was unclear at press time. BlockSec, a blockchain auditing firm, estimated total losses above $42 million in a preliminary analysis posted to Twitter. While CRV, the DEX’s native token, was trading down 12% over the last 24 hours per Coinbase, it has interestingly surged 500% on South Korea-based digital assets exchange Bithumb.