Attacker drains over $9 million from Resupply stablecoin protocol after manipulating token price
Quick Take Resupply, a stablecoin protocol tied to lending market liquidity, was exploited for around $9.5 million. Resupply acknowledged the incident and said the compromised contract has been identified and paused.
Stablecoin protocol Resupply was exploited for around $9.5 million through a market manipulation of exchange rates, according to security analysts.
Resupply is a stablecoin protocol that leverages the liquidity and stability of lending markets.
The exploit centered on cvcrvUSD, a wrapped version of Curve USD (crvUSD) staked in Convex Finance. Analysts said the attacker artificially inflated the price of cvcrvUSD by sending donations, which caused its share price to spike.
“The hacker exploited the cvcrvUSD vault, allowing the attacker to borrow $10 million in reUSD with only 1 wei of share as collateral,” said Xuxian Jiang, founder and CEO of PeckShield.
Resupply’s smart contract, known as ResupplyPair (CurveLend: crvUSD/wstUSR), used this inflated cvcrvUSD price in its exchange rate calculations. As a result, the rate crashed, noted security analysts.
The attacker took advantage of this price distortion by invoking the borrow function in the ResupplyPair contract. This allowed them to borrow 10 million reUSD (Resupply's native stablecoin) using only one wei of cvcrvUSD as collateral.
The missing funds originated from the wstUSR market, which the attacker exploited through borrowing, explained analysts at Blocksec.
Analysts added that the attacker later converted the borrowed reUSD into other assets on external markets for profit.
Resupply confirmed the exploit and said the affected contract has been identified and paused.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Mars Morning News | The Federal Reserve is expected to cut interest rates on Wednesday, S&P Global assigns a "B-" credit rating to Strategy
S&P Global has assigned a "B-" credit rating to bitcoin treasury company Strategy, classifying it as junk debt but with a stable outlook. The Federal Reserve is expected to cut interest rates by 25 basis points, with a possible split in the voting. The Hong Kong Securities and Futures Commission has launched a tender for a virtual asset trading monitoring system. Citi is partnering with Coinbase to explore stablecoin payment solutions. ZEC surged significantly due to halving and privacy topics. Summary generated by Mars AI. The accuracy and completeness of this summary are still being refined and updated by the Mars AI model.
BTC Volatility Review (October 6 - October 27)
Key indicators (4:00 PM Hong Kong time on October 6 -> 4:00 PM Hong Kong time on October 27): BTC/USD -6.4...
Cathie Wood warns: As interest rates rise next year, the market will be "chilled to the bone"
AI faces adjustment risks!
2025 Trading Guide: Three Essential Trading Categories and Strategies Every Trader Must Know
Clearly identify the type of transaction you are participating in and make corresponding adjustments.
Trending news
MoreCrypto prices
More
