Decentralized finance protocol Convergence, a Curve-based yield-enhancing protocol, a was exploited Thursday, sending its token's price to near-zero.
The attacker created (minted) 58 million of the protocol's CVG token using a vulnerability in the protocol's codebase, and swapped the tokens for 60 wrapped ether (wETH) and 15,900 crvFRAX stablecoin using liquidity pools on Curve, web3 security auditing firm QuillAudits said.
Blockchain data on Etherscan shows that the attacker's address converted the funds to ether (ETH) and sent the tokens to Tornado Cash.
The attack caused about $210,000 loss, QuillAudits added.
CVG holders, however, suffered additional damage as the token's $17 million fully diluted value (FDV) before the attack evaporated. CVG's price declined 99% in the Curve liquidity pools, nosediving to $0,0004 from trading around $0.12 earlier today.
Convergence asked users not to interact with the protocol.
🚨 URGENT COMMUNICATION 🚨
— Convergence (@Convergence_fi) August 1, 2024
Convergence has been hacked. Please don't interact with the protocol.