Zunami Protocol, a major player in the decentralized finance (DeFi) space, has suffered a significant setback after a security breach resulted in a loss of more than $2.1 million. According to blockchain security companies PeckShield and Ironblocks, the platform’s Curve Finance-hosted liquidity pool was targeted by the attacker.
The hacker used a flash loan to inject liquidity into the system, enabling them to manipulate the price. After trading on the exchange with the newly created liquidity, the attacker manipulated the price once more and withdrew the funds, making a profit of 1,152 ether (ETH).
The breach had a great impact on the prices of Zunami’s native assets. The Zunami USD stablecoin (UZD) dropped by over 98%, while the Zunami Ether (zETH) decreased by more than 85%, settling at $278. Furthermore, the funds were transferred to Tornado Cash, a crypto-mixing service platform.
In response to the attack, PeckShield Inc. tweeted: “Hi @zunamiprotocol, we have detected an ongoing attack. Users are strongly suggested to take necessary actions. Here is the encrypted hash: 2638ae2969ce932d61c3ca66f9b8a4a6c01c4d89bb2b34ddcf2c4145960f41c4. Actual hash will be released once the situation is stable.”
