This week, hackers stole approximately $27 million worth of cryptocurrency from the decentralized finance (DeFi) protocol Penpie. The platform confirmed that $27,348,259 in Ethereum was taken on Tuesday, prompting Penpie to shut down all withdrawals and deposits to prevent further losses.
Penpie quickly responded by filing a police report with the Kampong Java Neighbourhood Police Centre in Singapore, just hours after the attack. On Wednesday, the company also submitted a complaint to the FBI’s Internet Crime Complaint Center (IC3) and reached out to the hacker, offering a negotiated bounty in exchange for the safe return of the funds.
“We acknowledge your exploit of our protocol,” Penpie wrote in its message. “Please contact us to discuss terms confidentially. No legal action will be pursued if the funds are returned. Let’s find a mutually beneficial solution.” The company also offered to protect the hacker’s identity if some of the funds were returned. However, these efforts seem to have had little effect, as the hacker continued moving the stolen funds to various blockchain addresses.
Penpie is now working on a compensation plan for affected users and has promised to consult the community for feedback before putting any proposals to a vote. “We deeply acknowledge the significant impact this attack has had on users from other protocols who had assets deposited on Penpie,” the company stated. “Your losses are of utmost importance to us.”
This attack occurred on the same day that the FBI issued an alert warning cryptocurrency companies of increasing attacks from North Korean hackers. Penpie was first alerted to the breach by Pendle, the platform on which Penpie is built. In a post-mortem, Pendle revealed that although Penpie lost millions, swift action by the Pendle team prevented the theft of an additional $105 million from other protocols on the platform. Pendle’s security system detected the attack almost immediately, but within an hour, the hackers had already siphoned the $27 million from Penpie.
Pendle reported that their own platform was not affected by the breach and provided Penpie with the VPN IP address used by the attackers. Penpie shared this information with a Singapore Technology Crime Senior Investigation Officer, who will forward the details to the VPN provider for further investigation.
Penpie acknowledged that while their platform had undergone two audits since launching in June 2023, a vulnerability previously identified and believed to be resolved was reintroduced when a new feature was added in May 2024. The company admitted that a comprehensive audit should have been conducted after adding the feature, and they now plan to conduct a full system audit before resuming operations.
The FBI’s recent alert highlighted how North Korean cyber actors are increasingly targeting DeFi and cryptocurrency-related businesses, using social engineering to gain unauthorized access to company networks. The United Nations is currently investigating 58 cyberattacks linked to North Korean hackers, which have netted the regime about $3 billion from 2017 to 2023.
