The Curio DeFi project recently experienced a security breach, resulting in an estimated $16 million in damages, as determined by experts at Cyvers Alerts.
Analysts at Cyvers Alerts suggest that the attack likely exploited a vulnerability in the permissioned access logic, enabling the perpetrator to generate an additional 1 billion CGT tokens. This unauthorized creation resulted in the hacker gaining control of CGT tokens valued at nearly $40 million.
Cyvers Alerts issued their warning following Curio’s alert to the community regarding a smart contract exploit. The compromised smart contract, based on MakerDAO and utilized within the Ethereum ecosystem, was identified as the point of vulnerability.
In February, the cryptocurrency industry experienced a decrease in losses attributed to hacks and scams, totaling around $67 million, approximately half the figure recorded in January. Notably, all attack vectors were linked to the DeFi sector during the reporting period, with centralized platforms remaining unscathed.
The majority of losses in February stemmed from security breaches at the gaming platform PlayDapp, which incurred a loss of $32.35 million, and the decentralized exchange FixedFloat, which suffered a loss of $26.1 million. Additionally, the cryptocurrency casino Duelbits reported a loss of $4.6 million due to a compromised private key.