Thomas Daniels

Published On: 26/03/2024
Share it!
Major Security Breach in Curio Ecosystem Results in $40 Million Loss
By Published On: 26/03/2024

The Curio decentralized finance (DeFi) project recently encountered a formidable security breach, culminating in a substantial financial setback quantified at $16 million by Cyvers Alerts, a reputable entity in cybersecurity analysis. This incident underscores a critical vulnerability in the project’s permissioned access protocols, enabling an unauthorized actor to fabricate 1 billion CGT tokens. Consequently, this malefactor commandeered CGT tokens approximating a staggering value of $40 million.

This revelation from Cyvers Alerts succeeded an advisory issued by Curio, alerting its community to a smart contract compromise. The experts at Cyvers Alerts pinpointed a MakerDAO-based smart contract, operative within Curio’s ecosystem on the Ethereum blockchain, as the exploit’s locus. The official statement from the Curio team acknowledged the exploit, emphasizing their ongoing efforts to rectify the situation while reassuring stakeholders of the security integrity of contracts on both the Polkadot framework and Curio Chain.

February witnessed a diminution in the cryptocurrency domain’s losses due to hacks and scams, tallying around $67 million, a notable contraction from January’s figures. The month’s adversities predominantly originated from the DeFi sector, sparing centralized platforms from significant incidents. A considerable portion of these losses emanated from two major breaches: the gaming platform PlayDapp, which suffered a $32.35 million loss, and the decentralized exchange FixedFloat, incurring a $26.1 million deficit. Additionally, the cryptocurrency casino Duelbits faced a $4.6 million depletion of assets, attributed to a private key compromise.

source