Tell Us What You Think — We'll Thank You for It.
Home EthereumCurve Finance Hacker...

Curve Finance Hackers Exploit Vyper Vulnerabilities, Could State-Sponsored Hackers Be Involved?

By CoinGape July 31, 2023 In Ethereum, Hackers

Hackers were able to target Curve Finance, a prominent decentralized exchange, by taking advantage of flaws in the release history of the Vyper compiler. And there are speculations that it is a carefully thought-out operation. The crypto community has expressed concern about these attacks, and there have been rumors that state-sponsored hackers may have been involved.

Hackers Exploit Vyper Vulnerabilities

The exploit targeted versions 0.2.15 to 0.3.0 of the Vyper compiler. According to Vyper contributor @fubuloubu, this sophisticated attack likely took weeks, if not months, to prepare. The hackers meticulously trawled through Vyper’s past releases, pinpointing specific vulnerabilities to exploit – an uncommon tactic hinting at the high level of expertise and resources behind the operation.

advertisement

The impacted pools include crv/eth, aleth/eth, mseth/eth, and peth/eth. The tri-crypto pool on Arbitrum might also be affected. While auditors and Vyper developers have not identified a profitable exploit in this pool, users are advised to exit as a precaution.

Advertisement

Vyper’s code base, being smaller and less frequently updated than most, has generally been perceived as more secure and easier to audit. However, this incident highlights the challenges even in scrutinized and relatively stable compilers.

The attack underscores a wider issue in the crypto community – the lack of incentivization for uncovering bugs in past software releases. Addressing this requires a collective effort to solve what @fubuloubu refers to as “public goods issues”.

Also Read: Nigerian SEC Calls Binance Operations Illegal in the Country

Curve Finance TVL And Token Price Down

The CRV token is also down by more than 12% in 24 hours and is trading at $0.64. Its market cap is also down by 12% in a day, at the time of writing this article. According to DeFiLlama statistics, the total value of assets held on the decentralized finance protocol Curve Finance (CRV) decreased by almost 50% in the past day to $1.731 billion from $3.26 billion reported on July 30.

The exodus can be ascribed to a protocol exploit, which exacerbated community members’ worries about liquidation and bad debt and caused them to withdraw their money from the cryptocurrency project right once.

Published on

CoinGape

View the full article

You may also like

Ethereum,
September 3, 2025

ETHZilla Commits US$100M ETH to EtherFi for Liquid Restaking Yields

Blockchain,
September 1, 2025

Ethereum’s Next 100x? ConsenSys CEO Sees Wall Street Convergence

Ethereum,
August 29, 2025

VanEck CEO: Ethereum Set to Become “Wall Street Token” as $280B Stablecoin Market Explodes