Bitrabo Editorial
The DeFi lending platform, UwU Lend, has encountered two attacks in recent days. The latest breach took place during the reimbursement phase following the first attack, resulting in a total loss of approximately $23 million for the protocol.
Second $3.7 Million Attack Strikes DeFi Platform
UwU Lend suffered a significant blow on June 10 when hackers exploited a vulnerability leading to a $19.3 million loss. The attack leveraged flash loans, prompting the project to halt operations temporarily to safeguard most assets for users.
To rectify the situation, the UwU Lend team offered a $4 million reward for the return of the stolen funds and identified the assets taken, including wETH, wBTC, CRV, USDT, sUSDE, among others.
Security firm Beosin disclosed that the attacker manipulated the USDe price through token swaps, affecting its market value. Following identification of the vulnerability unique to the sUSDE oracle, a fix was implemented promptly.
By addressing the issue, UwU Lend resumed its operations, ensuring the return of funds and assuring users that their assets remained secure within the platform.
Repeat Attack Raises Concerns
Thursday saw UwU Lend face another attack during its reimbursement process, resulting in a $3.7 million loss. The hacker converted the stolen funds back to ETH after targeting pools like uDAI, uWETH, uLUSD, and more.
Concerns surfaced within the crypto community regarding the safety of funds stored on UwU Lend, with some users expressing skepticism over the platform’s security measures.
While investigations are ongoing to address these breaches, questions have emerged about the management of vulnerabilities within the protocol and the handling of collateral assets.
