Huma Finance has reported a $101,000 exploit involving its deprecated V1 BaseCreditPool contracts on the Polygon network. The breach, which occurred on May 11, allowed an attacker to siphon 82,316 USDC and 19,075 USDC.e due to a logic error in the credit-lifecycle management of these outdated contracts. Importantly, no user deposits were compromised, and the incident was limited to pool owner and protocol fees.
The exploit was attributed to a preventable access-control flaw, highlighting the risks associated with leaving old smart contracts active. Huma Finance's newer V2 deployment on Solana and its PayFi Strategy Token (PST) remain unaffected and fully operational. The company quickly communicated the breach, emphasizing the safety of user assets and the integrity of its current systems. This incident underscores the need for rigorous audits of deprecated contracts within the DeFi ecosystem to prevent similar vulnerabilities.
Huma Finance Suffers $101K Exploit on Deprecated Polygon Contracts
Avertissement : Le contenu proposé sur Phemex News est à titre informatif uniquement. Nous ne garantissons pas la qualité, l'exactitude ou l'exhaustivité des informations provenant d'articles tiers. Ce contenu ne constitue pas un conseil financier ou d'investissement. Nous vous recommandons vivement d'effectuer vos propres recherches et de consulter un conseiller financier qualifié avant toute décision d'investissement.