XCarnival Negotiates Return of 50% ETH from Protocol Hacker

XCarnival hack

Ethereum liquidity provider XCarnival has offered a hacker 1,500 ETH as a bounty in addition to exemption from legal proceedings.

XCarnival immediately took note of the attack, suspending smart contracts, deposits, and borrowing features of the protocol until identifying the internal bug which made the hack possible.

 XCarnival has so far recovered 1,467 ETH from an exploit that has bled 3,087 ETH ($3.8 million USD).

Reports from blockchain investigator Peckshield first took notice of the hack – which happened on June 26 – which took the form of a string of transactions which drained the protocol.

 

Following an investigation, it emerged that the hack was made possible by allowing a withdrawn pledged NFT to be still used as the collateral, which is then exploited by the hacker to drain assets from the pool.

Recommended

Peckshield has noted that the hacker has used a previously withdrawn pledged NFT from the Bored Ape Yacht Club collection as collateral for the exploit.

Screenshots of the hacker’s wallet showed that it was in possession of 3,087 ETH after the hack, while remaining funds seemed to be siphoned successfully. As of writing, the hacker’s wallet holds 0 ETH.

XCarnival has announced plans to reveal further details regarding a post-mortem of the incident soon.

Talk to the experts at Run the Chain for Content Creation

Get high quality blogs, threads, videos and GIFs that accurately communicate your project’s USPs and ethos with Run The Chain’s Content Creation services.

To find out more, click here.

Share Post:

Twitter
LinkedIn
Telegram
Facebook
Pinterest