Stake DAO has suffered a significant security breach on the Arbitrum network, resulting in the illegal minting of approximately 5.44 trillion vsdCRV tokens. The attacker reportedly gained access to the protocol deployer's private key and altered the LayerZero v2 endpoint configuration, enabling the creation of fraudulent cross-chain messages. This exploit allowed the attacker to mint tokens directly to their wallet without market purchases.
Blockchain security firm Blockaid revealed that the attacker has already sold some of the tokens, converting them into about 43.78 ETH, which has been transferred back to the Ethereum mainnet. The Stake DAO team is actively investigating the breach, focusing on the private key compromise and potential impacts on other contracts. Users have been advised to revoke authorizations to mitigate further risks.
Stake DAO Hit by Arbitrum Attack, 5.44 Trillion vsdCRV Illegally Minted
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.