Earlier this week, DeFi protocol UwU Lend was hacked for around $20 million. Different assets, including WBTC and DAI, were drained from the pools and converted to ETH. Notably, the attacker was funded from Tornado Cash a couple of days before the attack.
Now, Beosin Alert brought to light that the same attacker has now initiated another $3.7 million exploit.
Another parallel post by Cyvers Alerts revealed,
“Affected pools: uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, uUSDT
All stolen assets have been converted to ETH and are located at the attacker's address.”
On the heels of the initial attack, the UwU team immediately paused the protocol. Simultaneously, borrow and deposit rates were set to 0%, to make sure that users’ positions were not affected by the pause.
Later, the team identified the vulnerability, which was “unique” to the sUSDe market oracle, and claimed that the issue was “resolved.”
All other markets were also re-reviewed by auditors and industry professionals, with no issues or concerns found, UwU representatives said. In fact, most of the assets including SIFU, VOLTA, and FRAX were not affected.
The team also got in touch with the hacker, but did not hear back. Meanwhile, the protocol was also unpaused and markets were gradually relaunched one after the other. Parallelly, all other protocol functions also return to normal operations.
As the team initiated its reimbursement process, the exploiter made use of the opportunity to siphon funds again. The UwU Lend team is yet to acknowledge the second attack.
