One of the largest decentralized exchanges (DEX), Curve Finance, fell victim to a hacking attack, resulting in estimated losses ranging from $41 million to $52 million. Additionally, other projects using the Vyper programming language are also at risk.
Confirmation of the breach was provided by the platform's administration. According to their statement and research conducted by the Vyper project's development team, the attacker exploited a backdoor vulnerability to gain unauthorized access to the smart contract.
The affected pools on Curve Finance were using versions 0.2.15, 0.2.16, and 0.3.0 of Vyper. As a result of the attack, all mentioned pools were drained, and the exchange is still assessing the damage. The exact amount of stolen funds remains unknown.
Amid these events, the CRV price plummeted, presenting an excellent arbitrage case for us as a cryptocurrency scanner and screener, particularly on DEX exchanges.
At the time of the hack, the spread was around 700%. Arbitrage traders were buying on DEX at 6-7 times cheaper and then depositing and selling on Binance. This trading opportunity was available for about 15 minutes, after which all exchanges halted fund deposits and withdrawals.
This trade could have been executed on 30.07.23 from 22:08 to 22:17.
Uniswap prices for ERC20 tokens were around ~0.1.
During the same timeframe, the price on Binance was around ~0.65.
Therefore, those who noticed this spread using our Screener were able to earn significantly. Cases involving hacks like this will continue to emerge sooner or later. Scammers will seek any opportunity to steal funds. Our best approach is to secure ourselves and our data as much as possible (which is why we don't use APIs) and try to turn such incidents to our advantage.
In our previous arbitrage case: Unlocking Profit Opportunities: USDC vs. USDT Arbitrage Case of Successful Trading Strategies!