Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124

The decentralized finance (DeFi) ecosystem recently suffered significant setbacks with two major exploits targeting Cork Protocol and Cetus. These incidents highlight the persistent cybersecurity vulnerabilities within the crypto space, raising concerns about consumer confidence and prompting calls for enhanced security measures.
On May 28th, Cork Protocol, a DeFi platform, experienced a smart contract exploit resulting in the loss of approximately $12 million in digital assets. Cybersecurity firm Cyvers pinpointed the attack at 11:23:19 UTC, tracing the funds to an address ending in “762B.” The attacker stole roughly 3,761 Wrapped Staked Ether (wstETH), swiftly converting it to Ether (ETH). Cork Protocol co-founder Phil Fogel announced a temporary pause of all contracts while investigations are underway.
This attack follows closely on the heels of another significant breach at Cetus, a decentralized crypto exchange (DEX) built on the Sui network. On May 22nd, Cetus was compromised, resulting in the theft of $223 million. Sui validators acted swiftly, freezing a substantial portion of the stolen funds. However, this action sparked a discussion surrounding network centralization and the appropriate response from validators to major hacks. The Cetus team offered a $6 million bounty to incentivize white hat hackers to assist in recovering the remaining stolen funds.
A post-mortem report by blockchain security firm Dedaub revealed the Cetus exploit stemmed from a manipulation of liquidity parameters within the automated market maker (AMM). Hackers exploited a vulnerability in the most significant bits (MSB) check, allowing them to surreptitiously add massive liquidity and drain other pools of hundreds of millions of dollars. This highlights the critical need for rigorous security audits and robust code reviews in DeFi applications.
Both incidents underscore the ongoing challenges in securing DeFi protocols. The frequency and scale of these exploits demand a concerted effort from developers, security firms, and regulators to improve security protocols and raise awareness among users about the inherent risks in the DeFi space. The lack of robust security measures not only threatens individual investors but also undermines the overall credibility and stability of the DeFi ecosystem.