DeFi Protocol Penpie Exploited for $27M of Crypto Assets; PNP Token Craters 40%

Decentralized finance (DeFi) protocol Penpie, built on top of tokenized yield platform Pendle, suffered an exploit on Wednesday, crypto observers reported.

DeFi protocol Penpie, built on tokenized yield platform Pendle, suffered an exploit on Wednesday, crypto observers reported.

The alleged exploiter drained roughly $27 million of crypto assets including various types of staked ether (ETH), Ethena's sUSDE and wrapped USDC stablecoin from the protocol, blockchain data shows. Later, it converted the proceeds to ETH using predominantly Li.fi and forwarded the asset to a new address, according to Etherscan data.

The exploiter's address was originally funded with 10 ETH, worth roughly $25,000, via crypto mixer Tornado Cash a few hours before the exploit took place, data shows.

Pendle confirmed that it identified a security compromise on Penpie's protocol and will maintain close communication with the team. Pendle added that investors' funds are safe on Pendle, but temporarily paused all contracts as a precautionary measure.

Penpie's token (PNP) cratered following the exploit, declining 40% in total during the day, CoinGecko data shows. Pendle (PENDLE) was down nearly 8% over the past 24 hours, underperforming bitcoin's (BTC) and ETH's 1%-3% decline.

The exploit comes amid a broader downturn in crypto markets, with bitcoin, ETH and other major cryptocurrencies trading lower over the past 24 hours.

However, the markets have seen a strong recovery in 2023, with bitcoin surging over 40% year-to-date.

DeFi protocols are prone to hacks and exploits, and Penpie's attack was the latest example of that. Digital asset users lost some $2 billion in scams, hacks and exploits throughout 2023, De.fi reported earlier.