Hacker Mints 5.4 Trillion Tokens in StakeDAO Exploit, Nets $91K - "The Defiant"

You've reached your guest reading limit.

By continuing, you agree to our Terms and Privacy Policy.

A hacker compromised StakeDAO's deployer private key on Wednesday, minting 5.4 trillion vsdCRV tokens on Arbitrum and swapping a portion for roughly $91,000 worth of ETH, an attack that rippled into Curve Finance's lending market and forced yield optimizer Beefy Finance to pause an affected vault.

StakeDAO, a DeFi protocol with $131 million in total value locked that allows users to earn boosted yields on Curve Finance liquidity pools through locked CRV positions, warned users to stop interacting with vsdCRV immediately following the incident. The protocol has not disclosed the total value of assets at risk or a timeline for remediation.

StakeDAO's SDT governance token fell approximately 6.6% in the 24 hours surrounding the incident, according to CoinMarketCap data, with trading volume in SDT spiking more than 400%, per CoinGecko.