Decentralized finance protocol Zunami Protocol has confirmed it has encountered an attack on its “zStables” stablecoin pools.
Blockchain security firm PeckShield estimates over $2.1 million was stolen from Zumani’s Curve Pool on Aug. 13, pegging the exploit to a price manipulation issue. Fellow blockchain security firm Ironblocks arrived at a similar figure.
Hi @ZunamiProtocol Today’s hack leads to >$2.1m loss and there are two hack txs involved:
– tx1: https://t.co/jsOmPT62mk
– tx2: https://t.co/u7YOvoS0R9It is a price manipulation issue, which can be exploited by donation to incorrectly calculate the price as shown in the… https://t.co/yqwMVy0pCA pic.twitter.com/OfrDni7KtE
— PeckShield Inc. (@peckshield) August 14, 2023
PeckShield detected the exploit on Curve on Aug. 13 at 10:47 UTC, which was confirmed by Zunami about 20 minutes later.
Zunami said that collateral in the pools remain secure and that the issue is now under investigation.
It appears that zStables have encountered an attack. The collateral remain secure, we delve into the ongoing investigation.
— Zunami Protocol (@ZunamiProtocol) August 13, 2023
It is currently believed a flash loan price manipulation attack has taken place, with Zunami UZD and Zunami ETH pools impacted.
Zunami is a decentralized revenue aggregator protocol that allows users to stake stablecoins for yield, with its largest stable pools situated on Curve.
Cointelegraph reached out to Zunami for comment but did not receive an immediate response.
This is a developing story, and further information will be added as it becomes available.
