The native token of one of the largest cryptocurrency exchanges, Binance, BNB Smart Chain, which is a platform similar to Ethereum and supports decentralized finance (DeFi) protocols, experienced a copycat attack.
According to a report by BlockSec, a blockchain security firm, the attackers exploited a vulnerability in the Vyper programming language, similar to a previous exploit on Curve Finance.
This Vyper vulnerability resulted in the exposure of the DeFi ecosystem, leading to the theft of approximately $73,000 worth of cryptocurrencies from BNB Smart Chain in three separate attacks.
The vulnerability affected several DeFi pools that were using Vyper versions 0.2.15, 0.2.16, and 0.3.0. Vyper is widely used in Web3 projects and was initially designed for the Ethereum Virtual Machine.
In response to the attack, both ethical and malicious hackers have been actively involved in the blockchain. One ethical hacker, identified as “c0ffebabe.eth,” managed to recover and return more than $5 million worth of funds to Curve Finance.
This incident raises significant concerns about the security of smart contracts and protocols within the DeFi community, emphasizing the need for robust security measures to be implemented and maintained.