UwU Lend Offers $5M Bounty to Whoever Identifies and Locates Its Exploiter
Highlights:
- UwU Lend offers a $5M bounty to whoever identifies the attacker responsible for the $20 million hacker on June 10.
- The protocol offered the exploiter 20% of the stolen funds if the attacker returned 80%, which they didn’t.
- On June 13, UwU Lend faced another $3.7M attack, with Cyvers platform identifying the attacker as the same individual involved in the first exploit.
UwU Lend, a decentralized lending protocol, is offering a $5 million bounty in Ethereum (ETH) to “the first person to identify and locate” the attacker. This came after the hacker failed to transfer 80% of the stolen funds before UwU’s requested deadline of June 12 at 5:00 pm UTC.
Advertisement
In a June 13 on-chain message, UwU wrote to the hacker, ” The Repayment deadline for the funds you stole has passed. A 5 Million Dollar bounty will be given to the first person to identify and locate you.β The company emphasizes that the bounty would be in ETH and paid out before any funds are recovered or charges are laid.Β
UwU Lend is a decentralized money market protocol enabling users to earn interest on deposits and borrow digital assets.
UwU Lend Requests Hacker to Return 80% of Funds After $20M Attack
The exploiter first targeted the UwU Lend protocol on June 10, resulting in a $20 million loss due to price manipulation. The exploit occurred in two stages, with hackers initially stealing $14 million, then an additional $6 million drained one hour later.
π¨ALERTπ¨Hey @UwU_Lend, you are being attacked!
So far address got around $14M
More update will follow!
Please contact us to learn how to secure your digital assets!#CyversAlert pic.twitter.com/IND77hbTbH
— π¨ Cyvers Alerts π¨ (@CyversAlerts) June 10, 2024
UwU identified the vulnerability responsible for the exploit, which it stated was unique to the USDe market oracle. Price oracles are external services that offer real-time market data for assets. When manipulated, they can cause substantial losses for platforms and their users. In this instance, hackers exploited the price oracle to their advantage, resulting in an attack on UwU Lend. The protocol asserted that the vulnerability had been fixed, and all other markets had been βre-reviewed by industry professionals and auditors,” who found no issues or concerns.
(1/5)
The team has now identified the vulnerability, which was unique to the sUSDe market oracle and has now been πΏπ²ππΌπΉππ²π±. All other markets have been re-reviewed by industry professionals and auditors with no issues or concerns found.
— UwU Lend (@UwU_Lend) June 12, 2024
UwU then requested the hacker to return 80% of the funds, allowing them to keep the remaining 20%. The team also assured the hacker that they would cease legal action. However, no response was received from the hacker. By Thursday, UwU Lend announced that the repayment period had ended. As a result, the protocol had to consider other options, leading to the creation of the $5 million bounty.
UwU Faces Second Hack of $3.5M During $20M Reimbursement Process
On June 13, UwU Lend faced another exploit, resulting in the theft of $3.7 million. On-chain data analytics platform Cyvers alerted the protocol to the attack, identifying the attackers as the same ones who carried out the previous $20 million exploit.
π¨ALERTπ¨@UwU_Lend has suffered another security breach by the same attacker!
Total loss: $3.7M
Affected pools: uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, uUSDT
All stolen assets have been converted to $ETH and are located at the attacker's address: https://t.co/9TvwLh18P1To learn⦠https://t.co/AjcMS1Cdyl
— π¨ Cyvers Alerts π¨ (@CyversAlerts) June 13, 2024
The exploiter stole $3.5 million from various asset pools, specifically uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, and uUSDT. All stolen assets have been converted to Ether and are currently held at the attackerβs address: 0x841dDf093f5188989fA1524e7B893de64B421f47.
The lending protocol was actively reimbursing hack victims. It announced on X that it had fully repaid all bad debt for the Wrapped Ether (wETH) market, totaling 481.36 wETH valued at over $1.7 million. Overall, the protocol reimbursed more than $9.7 million.
Repaid so far:
β’ 3,522,427 $DAI
β’ 233,819 $crvUSD
β’ 4,225,000 $USDT
β’ 481.36 $wETH ($1,734,042)
Total: $9,715,288ππ©π’π―π¬ πΊπ°πΆ π§π°π³ πΊπ°πΆπ³ π€π°π―π΅πͺπ―πΆπ¦π₯ π΄πΆπ±π±π°π³π΅ π’π―π₯ π΅π³πΆπ΄π΅! π#FundsAreUwU
— UwU Lend (@UwU_Lend) June 13, 2024
UWU Token Struggling to Maintain Price After $24M Combined Loss
Despite now losing a combined $24 million, the price of UWU, UwU Lendβs governance token, is only down 20% over the last week, according to CoinMarketCap. At the time of writing, UWU was trading at $2.47, representing a 6.95% decline in the past 24 hours. The token’s value has plummeted by 81%, resulting in a market cap of $26 million over the past year.
Read More
- Myro Price Prediction As MYRO Plunges 28% In a Week, Despite Paving A Path For Every Future Solana Coin
- Most Important Cryptos Other Than Bitcoin β Top 15 Bitcoin Alternatives 2024
- 20 Top Cryptocurrencies to Watch for 2024 β Detailed Reviews
- Next Cryptocurrency to Explode in 2024
Disclaimer: Cryptocurrency is a high-risk asset class. This article is provided for informational purposes and does not constitute investment advice. You could lose all of your capital.
Advertisement
Syed Ali Haider
Ali Haider is a contributing crypto writer at Crypto2Community. He is a crypto and blockchain journalist with over six years of experience and has long advocated for digital freedom and cybersecurity. Haider has been featured in several high-profile crypto and finance outlets, including Coincult, AltcoinBeacon, BTCRead, and more.
View full profile βΊβΉοΈAbout Crypto2Community's Editorial Process
Crypto2Community's editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict editorial policy and sourcing standards, and each page undergoes diligent review by our team of top crypto industry experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
