In another attack on a major Decentralized Finance (DeFi) protocol, the Pickle Finance agricultural project hit $ 20 million today.
The attack happened about two hours ago, and experienced Twitter users at ETH quickly noticed that the cDAI jam jar – the term “pickle” for revenue-generating vaults – was empty:
However, unlike other recent attacks, this particular exploit has yet to use the Flash Coupon – an increasingly infamous DeFi tool that gives potential attackers extra money to manipulate chain prices. Instead, this hacker exchanged money between a malicious fake contract and the cDAI bank.
In an interview with Cointelegraph, Emiliano Bonassi – a self-proclaimed white hat hacker and co-founder of DeFi Italy – explained that the attacker created “evil banks”, which are smart contracts that “have the same interface as a traditional tractor, but have bad things.”
The attacker then swapped money between Evil Bank and the real CDAI bowl and stole $ 20 million from the deposit.
In particular, following the attack on Harvest Finance, Pickle Finance looks like an important agricultural protocol. At the time of publication, Pickle’s statistics website reported that the total residual value of the ledgers is almost $ 75 million, while the price of Pickle, Pickle Finance’s company code, fell 50% on the day to $ 11.16.
The Pickle Finance problems are just the latest manifestation of a worrying trend in the DeFi room. The only victims of recent exploitation in recent weeks include Harvest Finance, Value DeFi, Acropolis, Cheese Bank and Origin Dollar.