Cork Protocol Loses $12 Million in DeFi Hack

Cork Protocol, a decentralized finance (DeFi) platform, experienced a significant security breach on May 28, resulting in the loss of approximately $12 million in digital assets. The exploit targeted the platform's smart contracts, allowing the attacker to siphon off roughly 3,761 Wrapped Staked Ether (wstETH), which was swiftly converted to Ether (ETH).

Cybersecurity firm Cyvers reported that the hack occurred at 11:23:19 UTC and was executed from an address ending in “762B.” The swift conversion of wstETH to ETH suggests a well-planned and executed attack, highlighting the sophistication of the hacker's methods.

In response to the incident, Cork Protocol co-founder Phil Fogel announced on X that the platform was investigating the potential exploit and had paused all smart contracts as a precautionary measure. This action aims to prevent further losses and allow the team to assess the damage and implement necessary security enhancements.

The Cork Protocol exploit is the latest in a series of high-profile hacking incidents that have plagued the crypto industry. These incidents underscore the ongoing challenges in cybersecurity within the sector, which have eroded consumer confidence and prompted calls for improved security measures from industry executives.

This incident follows closely on the heels of the Cetus decentralized crypto exchange (DEX) hack, which occurred on May 22 and resulted in the theft of $223 million. The Cetus hack involved an exploit of the liquidity parameters used by the platform's automated market maker (AMM), allowing hackers to manipulate the system and drain liquidity pools of hundreds of millions of dollars.

In the aftermath of the Cetus hack, Sui validators froze a majority of the funds, sparking a debate about the centralization of the network and the appropriate actions for blockchain validators following major hacking incidents. The Cetus team also announced a $6 million bounty for white hat hackers assisting in the recovery of the remaining stolen funds, highlighting the community's efforts to mitigate the damage caused by the exploit.

Blockchain security firm Dedaub released a post-mortem report detailing the Cetus incident, revealing that the hackers manipulated the most significant bits (MSB) check to alter values undetected. This allowed them to add massive amounts of liquidity to the system with minimal effort, draining other liquidity pools of significant funds.

The recent spate of high-profile hacks in the crypto industry serves as a stark reminder of the need for robust security measures. As the sector continues to evolve, it is crucial for platforms to prioritize cybersecurity to protect digital assets and maintain consumer trust. The incidents at Cork Protocol and Cetus underscore the importance of continuous vigilance and proactive measures to safeguard against potential exploits.