Pike Finance, a decentralized finance (DeFi) lending protocol, has fallen victim to an exploit resulting in the loss of $1.68 million worth of digital assets. This incident marks the second exploit that the protocol has experienced within a span of three days.
According to a report from CertiK, an on-chain analytics firm, the exploit occurred across the Ethereum, Arbitrum, and Optimism chains on April 30. The attacker took advantage of a vulnerability in Pike Finance’s smart contract, manipulating the output address and draining the contract of over $1.4 million worth of Ether (ETH), $150,000 worth of Optimism (OP) tokens, and over $100,000 worth of Arbitrum (ARB) tokens.
This exploit follows a $300,000 attack that Pike Finance suffered on April 26. Both attacks were a result of the same smart contract vulnerability, which allowed the attacker to override the contract.
In response to the exploit, Pike Finance has announced a 20% reward for the return of the funds or any information that can lead to their recovery. The protocol is also conducting an investigation into the incident.
Despite this recent attack, the month of April saw a decrease in cryptocurrency hacks and scams. CertiK’s report reveals that only $25.7 million was lost, the lowest monthly amount since 2021. This decline in losses can be attributed to a decrease in private key compromises, with only three attacks occurring in April compared to 11 in the previous month.
However, crypto attacks still remain a significant issue in the industry. In the first quarter of 2024, a total of $502 million worth of digital assets were stolen across 223 hacks and exploits. This represents a 54% increase compared to the first quarter of 2023, where $326 million worth of funds were stolen.
Despite the challenges faced by the industry, DeFi continues to grow, with Lido Finance recently reaching 1 million validators, further fueling the expansion of the DeFi sector.