$20M Stolen from DeFi Project Pickle Finance

$20M Stolen from DeFi Project Pickle Finance

By Abhimanyu Krishnan | News | 23 Nov 2020

A hacker has stolen nearly $20 million from DeFi protocol Pickle Finance, according to an official statement on Nov. 22.

  • The hacker had drained 19,759,355 DAI from the pDAI PickleJar (forked versions of Yearn Finance vaults) on Nov. 21 
  • The team conducted a forensic analysis of the exploit, which they labelled as highly complex
  • Shortly after the analysis, the team implemented a fix and provided an abridged version of the exploit’s post-mortem 
  • The attacker created two smart contracts to exploit the swap functions of the PickleJar’s Controller contract, eventually withdrawing DAI from the pDAI PickleJar
  • In short, the attacker exploited several design flaws within the platform’s smart contracts
  • This hack follows several that have occurred in the DeFi space in 2020, which hackers have targeted as has investors have flocked to its high yield programs
  • Harvest Finance recently lost $24 million in hack in the most high-profile case in recent months, and others victims include bZx and Balancer

Abhimanyu Krishnan
Abhimanyu Krishnan

Technophile, cryptocurrency enthusiast and journalist.


Official Publish0x Crypto News Channel

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.