Staking and farming platform Bent Finance has become the sixth crypto establishment to get hacked this December. The acknowledgment of the attack was followed by requesting investors to withdraw their pool funds and disabling the reward claims on the compromised platform.
Bent Finance first realized the exploit on Monday at roughly 8:55 pm EST, a timeline when the company reported no loss of funds. However, the community suspected a rug-pull event when blockchain investigator PeckShield allegedly located the source of the hack transactions.
We have located the hack tx, which interestingly is sent from the Bent Finance: Deployer @BENT_Finance !!! What is going on?! https://t.co/3L4F1gcNYJ
— PeckShield Inc. (@peckshield) December 21, 2021
“Yes, we see the same and are working through it right now,” said Bent Finance as the team appointed two independent white hat developers to get a better understanding of the unfolding situation. The company confirmed soon after:
1/ There was an exploit from the bent deployer address, it added balance of cvxcrv and mim to an address on an unvierifed update 20 days ago. We just discovered this today. There are multiple members on this team and we will make this right.
— Bent Finance (@BENT_Finance) December 21, 2021
Bent Finance continues to advise its pool investors to withdraw the funds until the exploit is addressed. However, the company has confirmed to recover all stolen funds from the Bent curve pool:
“We recommend you withdraw from the protocol until further notice. We are not going anywhere and will recover from this one way or another.”
According to crypto fraud investigator and former member of the United States Secret Service Joe McGill of TRM Labs, the attackers managed to steal approximately 440 Ether (ETH) worth more than $1.6 million at the time of writing.
McGill’s investigations hinted that the attack has been ongoing since Dec. 12, which contradicts Bent Finance’s finding that suspects the attacker’s presence over the network since Dec. 1.
In December alone, five crypto companies — including Grim Finance, BitMart and AscendEX — have cumulatively lost over $600 million as a direct result of successful hacks. However, further investigations are underway to identify the losses from the Bent Finance exploit.
Bent Finance has not yet responded to Cointelegraph’s request for comment.
Related: Indian prime minister Modi's hacked Twitter account attempts BTC scam
Running parallel to the ongoing exploits on crypto businesses, December has also witnessed a momentary compromise of Indian Prime Minister Narendra Modi’s Twitter account, which was used to spread misinformation about Bitcoin’s (BTC) mainstream adoption in India.
As Cointelegraph reported, hackers from unknown origins took control of the prime minister’s account on Dec. 12, who has over 73.4 million followers, to declare BTC as a legal tender in addition to announcing a 500-BTC giveaway for Indian citizens.