Ad
Markets

DeFi Protocol Convergence Hacked, CVG Token Plunges 99% on Curve

The exploiter created 58 million of the protocol's CVG token and then swapped for roughly $200,000 worth of wrapped ETH and crvFRAX and forwarded to Tornado Cash.

Updated Aug 1, 2024, 6:55 p.m. Published Aug 1, 2024, 6:55 p.m.
16:9 crop outflows, drain
16:9 crop outflows, drain

Decentralized finance protocol Convergence, a Curve-based yield-enhancing protocol, a was exploited Thursday, sending its token's price to near-zero.

The attacker created (minted) 58 million of the protocol's CVG token using a vulnerability in the protocol's codebase, and swapped the tokens for 60 wrapped ether (wETH) and 15,900 crvFRAX stablecoin using liquidity pools on Curve, web3 security auditing firm QuillAudits said.

Blockchain data on Etherscan shows that the attacker's address converted the funds to ether (ETH) and sent the tokens to Tornado Cash.

The attack caused about $210,000 loss, QuillAudits added.

CVG holders, however, suffered additional damage as the token's $17 million fully diluted value (FDV) before the attack evaporated. CVG's price declined 99% in the Curve liquidity pools, nosediving to $0,0004 from trading around $0.12 earlier today.

CVG liquidity pool on Curve
CVG liquidity pool on Curve

Convergence asked users not to interact with the protocol.


Krisztian Sandor

Krisztian Sandor recently graduated from NYU's business and economic reporter program as a Fulbright fellow and worked with Reuters and Forbes previously. Originally from Budapest, Hungary, he is now based in New York. He holds BTC and ETH.

picture of Krisztian  Sandor