Curve Finance has recovered 70% of hacked funds, with distribution planned

Quick Take

  • Curve Finance has recovered 70% of the funds lost in a recent hacking incident.
  • The remaining funds are still under active investigation.

Curve Finance has recovered 70% of funds worth about $50 million lost in a recent hacking incident on its platform, alleviating concerns for many users and stakeholders. 

“While 70% of funds affected by the hack last week are recovered, active investigation with regards to the rest is underway,” Curve said in a statement.

Recovered funds were either directly given back by multiple hackers involved or saved with the assistance of ethical operators of MEV bots, such as c0ffeebabe.eth.

“In the meantime, we are also working on measuring the respective shares of each affected user with the goal of proper distribution,” Curve said.

Bounty announced 

Earlier this week, Curve announced a $1.85 million bounty to anyone who can accurately identify the attackers with the remaining funds.

The hack, occurring on July 30, led to a loss of $73.5 million across multiple projects within Curve’s factory pools, including well-known names like JPEG'd, Metronome and Alchemix.

During the attack, factory pools on Curve Finance were confronted with a "reentrancy vulnerability," a critical security flaw that allowed attackers to maliciously drain funds by exploiting its smart contract logic.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.