Share this article
BTC
$84,390.96
-
0.17%ETH
$1,581.06
-
0.14%USDT
$0.9997
-
0.01%XRP
$2.0655
-
0.31%BNB
$593.62
+
0.69%SOL
$132.93
-
0.42%USDC
$0.9997
-
0.01%DOGE
$0.1559
+
0.32%TRX
$0.2430
-
2.28%ADA
$0.6151
-
0.76%LEO
$9.0375
-
0.10%LINK
$12.49
+
0.31%AVAX
$18.89
-
1.29%TON
$2.9909
+
0.40%XLM
$0.2427
+
1.53%SHIB
$0.0₄1207
+
2.45%HBAR
$0.1640
+
1.73%SUI
$2.1015
-
0.14%BCH
$341.32
+
2.05%LTC
$75.72
+
0.76%Sign Up
- Back to menuPrices
- Back to menuResearch
- Back to menuConsensus
- Back to menu
- Back to menu
- Back to menu
- Back to menuWebinars & Events
ZkSync's Largest Lender Struck by $3.4M Exploit
EraLend said the threat has been contained, but advises against deposits.
EraLend, the largest lending protocol on Ethereum scaling blockchain zkSync, has been hit by a $3.4 million read-only reentrancy attack, according to blockchain security firm CertiK.
The total amount of capital locked on EraLend slumped to $10.75 million from $18.5 million following the exploit, DefiLlama data indicate.
STORY CONTINUES BELOW
"We've experienced a security incident on our platform today. The threat has been contained. We've suspended all borrowing operations for now and advise against depositing USDC. We're working with partners and cybersecurity firms to address this. More updates to follow," EraLend wrote in a tweet.
A read-only reentrancy bug allows an attacker to manipulate asset prices by flooding a smart contract with repeated calls in order to steal assets.
Decentralized finance (DeFi) protocol Conic Finance was hit by a similar attack last week with the total loss of $3.6 million.
UPDATE (July 25, 13:50 UTC): Removes space from EraLend's name throughout.
Oliver Knight
Oliver Knight is the co-leader of CoinDesk data tokens and data team. Before joining CoinDesk in 2022 Oliver spent three years as the chief reporter at Coin Rivet. He first started investing in bitcoin in 2013 and spent a period of his career working at a market making firm in the UK. He does not currently have any crypto holdings.
