UwU Lend, an Ethereum-based lending and liquidity protocol, has experienced its second exploit within a week. On June 13, hackers drained $3.72 million from the platform, just days after a $19.3 million exploit on June 10.
UwU Lend Exploit Details
The ongoing exploit has already stolen $3.5 million from various asset pools, including uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, and uUSDT. These assets have been converted to ETH and transferred to the attacker’s address: 0x841dDf093f5188989fA1524e7B893de64B421f47.
Multiple security firms confirmed that both attacks were executed by the same perpetrator using flash loans. Cyvers, an on-chain data analytics platform, alerted UwU Lend to the second exploit.
Impact and Response
The price of UWU, UwU Lend’s governance token, has dropped 14.5% over the past week and has lost 81% of its value over the past year, bringing its market cap down to $26 million, according to CoinGecko. The protocol was in the process of reimbursing victims of the first hack, having repaid over $9.7 million, including 481.36 WETH worth over $1.7 million.