UNKNOWN

MARCH 2024

GLOBAL

PENDLE FINANCE

DESCRIPTION OF EVENTS

"How much will you earn from lending 1,000 USDC on Aave? 1%? 3%? 5%?

Truth is, you can't say for sure. Yield fluctuates just like token prices. It tends to go up in bull markets, and go down in bear markets, and there are further micro-factors that cause fluctuations within those general market trends."

"With Pendle, you can always maximise your yield: increase your yield exposure in bull markets and hedge against yield downturns during bear markets."

"Pendle is a permissionless yield-trading protocol where users can execute various yield-management strategies."

"At around 1am UTC, the team noticed that we had been logged out of @pendle_fi across our devices. We tried to reset the password but at this point, the email address registered to the account had already been changed, which was odd since we could not identify any access points."

"1. 2FA was enabled with no connection to any phone numbers

2. Confirmed that all external accounts and log-in points were not compromised (e.g. password manager, email, 2FA, etc.)"

"Once we confirmed that access had been lost, we immediately put out a PSA via other accounts and an official report was submitted to X.

The team also reached out to partners and everyone within our circle to warn of this compromise, and requested help on spreading this awareness."

"With the help of our friends, the team was able to get in touch with an X official directly.

This was also around the same time when the hackers made their first move - a fake airdrop post and phishing link."

"With the help of X officials and some third parties, we were finally able to put @pendle_fi on lockdown, and marked all of the posts from the hacker as spam.

The entire process from identifying the compromise to regaining control lasted ~2 hours."

"The team is still working with @X to identify exactly how this happened, but as of now no possible access point has been identified yet, aside from hackers impersonating a Pendle team member to reset the account.

Further details will be shared once confirmed."

"Special shoutout to @MikeSilagadze, @zachxbt and @_0xbe1 for their assistance and lightning responsiveness. It was thanks to them that we were able to act swiftly in counteracting the issue."

"The Pendle team has regained control of this account.

Thank you to everyone who helped and guided us in this ordeal, really appreciate it.

For the details of what happened, please refer to our post-mortem."

Pendle Finance offers tools that help users optimize their yield on DeFi loans, enabling more predictable yield-generation strategies. On March 30th, the team lost access to its Twitter (X) account and found that the email address registered to the account had been changed. During the roughly 2 hours before access was regained through direct contact with the X team, the attacker posted a fake airdrop announcement with a phishing link from the account. The team ultimately regained control. Notably, the account was protected by two-factor authentication that was not SMS-based, the team found no compromise of its own email, password manager or 2FA, and the only suspected access point was that the attackers impersonated a Pendle team member to have X reset the account.

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.