- Convergence of decentralized governance hedge fund platforms has been leveraged.
- 58 million CVG tokens were issued and exchanged.
- After the hack, the value of the CVG token plummeted 99% from $0.12 to $0.0004.
On Thursday, a major breach occurred on decentralized finance (DeFi) protocol Convergence, causing the CVG token to crash dramatically.
The attack resulted in the creation of 58 million CVG tokens, which were exchanged for approximately $200,000 worth of wrapped ether (wETH) and the crvFRAX stablecoin.
Hackers exploited a vulnerability in Convergence’s codebase.
According to QuillAudits, a web3 security company, the malicious activity was carried out by exploiting vulnerabilities within the protocol’s codebase.
The attacker exploited this flaw to mint a huge amount of CVG tokens, then exchanged them for wETH and crvFRAX via Curve’s liquidity pool. After the token exchange, the attacker converted the funds into Ether (ETH) and moved them to Tornado Cash, a privacy tool designed to hide the traces of the transactions.
The breach resulted in financial losses of approximately $210,000, and CVG token holders saw their tokens lose significant value.
Before the attack, CVG’s fully diluted value was $17 million. However, the token price in the Curve liquidity pool crashed by 99%, falling from $0.12 to a fraction of a cent, trading at $0.0004.
brake, @convergence_fi The attack just resulted in a loss of approximately $210,000. 🚨
The attackers minted $58 million. $CVG Exchanged tokens for 60 WETH and 15.9k crvFRAX.
price $CVG At the time of the exploit the price was $0.1155. 99% was dumped and is now at $0.000413… pic.twitter.com/43MJGjQg2i
— QuillAudits ➡️ Web3 Security 🥷🛡️ (@quillaudits_ai) August 1, 2024
Convergence asks users to pause activity on the platform.
In response to this incident, Convergence advised users to refrain from interacting with the protocol to avoid further risks.
🚨 Emergency Communication 🚨
Convergence has been hacked. Do not interact with the protocol.
— Convergence (@Convergence_fi) August 1, 2024
The protocol team and security experts are currently investigating the breach to prevent future vulnerabilities and minimize the damage caused by this exploit.
This incident highlights the ongoing risks associated with DeFi protocols and the importance of robust security measures to protect digital assets.