Decentralized finance protocol Zunami Protocol has confirmed it has encountered an attack on its “zStables” stablecoin pools.
Blockchain security firm PeckShield was one of the first to detect the possible exploit on Curve on August 13 at 10:47 UTC. Zunami then confirmed the attack about 20 minutes later.
Zunami said that collateral in the pools remain secure and that the issue is now under investigation.
It appears that zStables have encountered an attack. The collateral remain secure, we delve into the ongoing investigation.
— Zunami Protocol (@ZunamiProtocol) August 13, 2023
It is currently believed a flash loan price manipulation attack has taken place, with Zunami USD and Zunami ETH pools impacted.
Initial estimates from Web3 security firm Ironblocks has pegged the attack to have caused $2.1 million in Ether (ETH) stolen. PeckShield arrived at the same figure.
first investigation of the recent exploit in @ZunamiProtocol
the attacker: 0x5f4c21c9bb73c8b4a296cc256c0cde324db146df
the attacker contract: 0xa21a2b59d80dc42d332f778cbb9ea127100e5d75
the stolen amount: 2,127,000 $ (1,152 ETH)
— Ironblocks (@Ironblocks_) August 13, 2023
Zunami is a decentralized revenue aggregator protocol which allows users to stake stablecoins for yield, with its largest stable pools situated on Curve.
Cointelegraph reached out to Zunami for comment but did not receive an immediate response.
This is a developing story, and further information will be added as it becomes available.