Disclosure
Cryptocurrency trading is speculative and your capital is at risk when you trade. We may earn affiliate commissions from some of the products on this page - at no extra cost to you.
Penpie Protocol Loses $27 Million in Hack, Bounty Offered

Highlights:

  • Penpie’s $27M exploit highlights growing DeFi vulnerabilities in 2024.
  • Penpie is negotiating with the hacker and offering a bounty.
  • Both Penpie and Pendle tokens have faced significant declines following the breach.

On Sept. 3, the decentralized finance (DeFi) protocol Penpie was hit by a massive exploit in which the attacker drained about $27 million in cryptocurrencies. The stolen digital assets include staked ETH and wrapped USDC. Penpie, which is built on Pendle, has acknowledged the exploit and has expressed a willingness to negotiate a bounty for the safe return of the stolen funds.

Penpie confirmed the security breach in a post on X and took immediate action by pausing all deposits and withdrawals. While hacks are not uncommon in DeFi, Penpie’s incident is a recent example. The developers behind Penpie, Magpie, stated that they have identified the root cause of the hack and assured that all other protocols within the Magpie ecosystem remain secure and unaffected. Reports indicate that the hacker exploited a vulnerability in Penpie’s security.

According to Lookonchain, the hack stole 2,695 Restaked Swell Ethereum ($6.62 million), 2,723 wrapped stETH ($7.77 million), 2.52 million Ethena Staked USDe ($2.77 million), and 4,101 agETH ($10.17 million). The hacker converted all the stolen assets into 11,109 Ether and deposited 1,000 Ether into Tornado Cash.

Penpie Seeks Positive Resolution with Hacker

Penpie addressed the hacker in its report and expressed optimism about a potential positive resolution that could benefit all parties involved. The protocol highlighted that it is a community-driven project and emphasized the significant value of these funds to its users.

The platform indicated a willingness to negotiate a bounty for the safe return of the funds, offering the hacker a chance to transition into a white-hat role, where their skills could be recognized and rewarded. In return, Penpie guarantees that legal actions will be pursued while keeping the hacker’s identity confidential. Additionally, the hacker will receive a percentage of the recovered funds as a bounty reward.

Penpie and Pendle Tokens Face Sharp Declines Following the Hack

Penpie’s token, PNP, has experienced a significant decline, with its price falling by 34% in the past 24 hours. Its trading volume surged by 1425% during this period, reaching $463,000. As of the latest update, PNP is trading at an average price of $0.984.

PNP price
Source: CoinMarketCap

Pendle also saw a price drop, decreasing its value by 10% over the last day. PENDLE is currently trading at an average price of $2.85. Its 24-hour trading volume has decreased by 22% to $57.2 million.

Pendle Price
Source: CoinMarketCap

Crypto Hacks Surge in 2024

The Penpie exploit highlights a broader trend of increasing crypto hacks in 2024. According to a recent report by Immunefi, hackers have stolen over $1.2 billion across 154 incidents this year, underscoring the pervasive vulnerabilities in DeFi protocols and other crypto platforms.

According to security firm PeckShield, in August 2024 alone, crypto hacks led to losses exceeding $313 million. The two largest incidents that month involved the theft of $238 million in Bitcoin and $55 million in DAI. Phishing attacks have surged, with Scam Sniffer reporting a 215% increase in financial losses in August. Although the number of attacks decreased compared to July, the amount of stolen funds significantly spiked, with one phishing scheme alone yielding $55 million.