Ah, the delightful world of liquidity staking! One moment you’re sipping a martini, and the next, your beloved Meta Pool has been exploited for a staggering $133,000. Quite the soirée, wouldn’t you say? 🍸
Fear not, dear readers! Our gallant Meta Pool managed to contain the debacle before it spiraled into a full-blown tragedy, as revealed in a rather droll blog post dated June 17.
According to the team, they were alerted to the shenanigans through their “early detection systems” and the ever-so-charming assistance of blockchain security firm Blocksec. They swooped in like a knight in shining armor, pausing the mpETH contract to prevent any further unauthorized frolicking or additional losses. Bravo! 👏
It seems the culprit took advantage of a rather embarrassing vulnerability in the ERC4626 mint() function of the mpETH contract. One must wonder, how does one let such a faux pas slip through the cracks?
In a separate post on X, the ever-astute Meta Pool co-founder Claudio Cossio hinted that the attacker may have exploited the protocol’s speedy unstaking feature, bypassing the usual unbonding period to mint mpETH without so much as a collateral deposit. How cheeky! 😏
Our villain managed to mint a whopping 9,705 mpETH tokens, valued at nearly $27 million, using a flaw in the Ethereum-based liquid staking contract. However, due to the limited liquidity in the affected pools, the nefarious exploiter could only convert their ill-gotten gains into a mere 52.5 ETH, worth around $133,000. A classic case of “so close, yet so far!”
The stolen funds were drained from swap pools across the Ethereum mainnet and Layer 2 networks, including Optimism. One must wonder if the attacker had a map or just a very lucky guess! 🗺️
Meta Pool reported that the Uniswap pool alone accounted for 37.5 ETH in losses, lamenting that “most of this liquidity was provided by the Meta Pool DAO.” Oh, the irony!
A full post-mortem and recovery plan is expected within 48 hours, and the protocol has graciously pledged to reimburse affected users. How generous of them!
Rest assured, the incident did not affect the 913 ETH initially staked through the mpETH contract, which remains as secure as a well-guarded secret with SSV Network operators. Meta Pool has also confirmed that its staking contracts on NEAR, Solana, Aurora, Internet Computer, Q, and Story remain untouched. A round of applause for their impeccable timing!
This little escapade marks the second notable DeFi exploit this month. Just on June 6, the Bitcoin-based platform Alex Protocol suffered an $8.3 million breach after a vulnerability in its self-listing verification logic allowed an attacker to drain multiple asset pools. One can only imagine the chaos!
Alex Protocol has since announced a Treasury Grant Program to reimburse affected users in a delightful mix of original tokens and USDC. How positively charming!
Read More
- Hollow Knight: Silksong is Cutting It Close on a 2025 Release Window
- What’s the Switch 2 Battery Life? (& How to Improve It)
- The Sims 4 Unveils Packed Roadmap for Summer 2025
- Best Settings for Stellar Blade – RTX 4060
- One Piece Chapter 1152 DELAYED! Find Out the NEW Release Date!
- John Wick Director Chad Stahelski Explains His Wild Process Behind the Franchise
- Red Dead Redemption 2 PS5, Xbox Series Update Rumored Releasing In 2025
- How to Use Zelda Notes with Breath of the Wild & Tears of the Kingdom
- The Last of Us Season 3: Why Abby’s Story is the Bold Move We Need
- How To Connect A Switch 2 To A TV
2025-06-18 10:00