Crypto-Sec: Vulnerabilities and Exploits in the Crypto World
Pythia Finance Reentrancy Attack
Decentralized finance (DeFi) protocol Pythia Finance recently suffered a reentrancy attack, resulting in a loss of $53,000. This incident occurred on September 3, as reported by the blockchain security firm Quill Audits. Pythia Finance, which uses artificial intelligence to manage its treasury, fell victim to an exploit where an attacker repeatedly called the “claim rewards” function without updating the reward balance after each call. This allowed the attacker to claim more rewards than they were due.
The attack exploited the “safe transfer” function used by Pythia when distributing rewards. By creating a malicious token contract, the attacker could repeatedly call back Pythia, triggering a chain reaction that drained the protocol’s funds.
Quill Audits’ partial report suggests that Pythia Finance has since updated its contract to prevent further exploitation. Reentrancy attacks, where a function is called repeatedly without fully executing its code, are a common vulnerability in smart contracts.
Zyxel Critical Vulnerability
On September 4, Zyxel, a manufacturer of networking hardware, disclosed a critical vulnerability in some of its devices. This flaw could allow attackers to execute code on users’ routers and access points, potentially giving them access to users’ devices.
The vulnerability stemmed from improper neutralization of special elements in the parameter ‘host’ in the CGI program of various firmware versions. This flaw could enable an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device.
Crypto wallet users should be particularly cautious about potential attacks on their home networks. If an attacker gains access, they could use DNS spoofing to redirect traffic or use deep packet inspection to decrypt data. This information could then be used for social engineering attacks to steal private keys or convince users to approve transactions.
Zyxel has listed the affected devices, including the NWA50AX PRO, NWA90AX, WAC500, and the USG LITE 60AX router. Users are advised to upgrade their firmware to protect against this vulnerability.
Penpie Exploit and Fake Pendle Market
The Penpie protocol experienced a significant exploit resulting in a $27 million loss. According to blockchain security firm Zokyo, the flaw allowed any user to create a Pendle market. This vulnerability was exploited by an attacker who created a fake Pendle Market and pool, configured to provide valuable Pendle tokens as rewards.
The Penpie protocol contains a function called “registerPenpiePool,” which is used to register new pool addresses and Pendle Markets. A modifier checks if the Pendle Market is listed in Pendle Finance’s factory contract, but any user can get their market listed by calling the “createNewMarket” function in the factory contract. This essentially means any user can create and register a Pendle Market.
The attacker exploited this by creating a fake Pendle Market and pool, using a reentrancy flaw to deposit tokens repeatedly before updating balances. This inflated the rewards, which the attacker then withdrew, draining the protocol of over $27 million.
Zokyo’s report indicates that the reentrancy flaw existed in the version they audited. However, only the protocol team could register a new pool and market at that time, which should have prevented external attackers from exploiting it. The Penpie team later introduced “permissionless pool registration,” audited by another firm, AstraSec, but the interaction between different contracts went unnoticed.
Penpie, a DeFi protocol designed to boost yields for Pendle Finance users, has pledged to conduct periodic audits of the entire protocol to prevent future incidents.
Blockchain Security and Auditing
These incidents highlight the importance of thorough and continuous auditing in the blockchain and crypto space. Smart contract vulnerabilities, such as reentrancy attacks, can have devastating financial consequences. Regular audits, comprehensive security checks, and prompt updates to protocols are essential to safeguard user funds and maintain trust in decentralized platforms.
In the wake of these exploits, users and developers alike must remain vigilant. Ensuring the security of blockchain protocols and networks is a continuous process that requires collaboration between security firms, developers, and the broader crypto community.
