Ah, the delightful world of liquidity staking! One moment you’re sipping a martini, and the next, your beloved Meta Pool has been exploited for a staggering $133,000. Quite the soirée, wouldn’t you say? 🍸
Fear not, dear readers! Our gallant Meta Pool managed to contain the debacle before it spiraled into a full-blown tragedy, as revealed in a rather droll blog post dated June 17.
According to the team, they were alerted to the shenanigans through their “early detection systems” and the ever-so-charming assistance of blockchain security firm Blocksec. They swooped in like a knight in shining armor, pausing the mpETH contract to prevent any further unauthorized frolicking or additional losses. Bravo! 👏
It seems the culprit took advantage of a rather embarrassing vulnerability in the ERC4626 mint() function of the mpETH contract. One must wonder, how does one let such a faux pas slip through the cracks?
In a separate post on X, the ever-astute Meta Pool co-founder Claudio Cossio hinted that the attacker may have exploited the protocol’s speedy unstaking feature, bypassing the usual unbonding period to mint mpETH without so much as a collateral deposit. How cheeky! 😏
Our villain managed to mint a whopping 9,705 mpETH tokens, valued at nearly $27 million, using a flaw in the Ethereum-based liquid staking contract. However, due to the limited liquidity in the affected pools, the nefarious exploiter could only convert their ill-gotten gains into a mere 52.5 ETH, worth around $133,000. A classic case of “so close, yet so far!”
The stolen funds were drained from swap pools across the Ethereum mainnet and Layer 2 networks, including Optimism. One must wonder if the attacker had a map or just a very lucky guess! 🗺️
Meta Pool reported that the Uniswap pool alone accounted for 37.5 ETH in losses, lamenting that “most of this liquidity was provided by the Meta Pool DAO.” Oh, the irony!
A full post-mortem and recovery plan is expected within 48 hours, and the protocol has graciously pledged to reimburse affected users. How generous of them!
Rest assured, the incident did not affect the 913 ETH initially staked through the mpETH contract, which remains as secure as a well-guarded secret with SSV Network operators. Meta Pool has also confirmed that its staking contracts on NEAR, Solana, Aurora, Internet Computer, Q, and Story remain untouched. A round of applause for their impeccable timing!
This little escapade marks the second notable DeFi exploit this month. Just on June 6, the Bitcoin-based platform Alex Protocol suffered an $8.3 million breach after a vulnerability in its self-listing verification logic allowed an attacker to drain multiple asset pools. One can only imagine the chaos!
Alex Protocol has since announced a Treasury Grant Program to reimburse affected users in a delightful mix of original tokens and USDC. How positively charming!
Read More
- All Skyblazer Armor Locations in Crimson Desert
- How to Get the Sunset Reed Armor Set and Hollow Visage Sword in Crimson Desert
- All Shadow Armor Locations in Crimson Desert
- Marni Laser Helm Location & Upgrade in Crimson Desert
- All Helfryn Armor Locations in Crimson Desert
- All Golden Greed Armor Locations in Crimson Desert
- All Icewing Armor Locations in Crimson Desert
- Best Bows in Crimson Desert
- How to Beat Stonewalker Antiquum at the Gate of Truth in Crimson Desert
- Legendary White Lion Necklace Location in Crimson Desert
2025-06-18 10:00