Popsicle Finance, a yield optimization platform, has lost $25 million as a result of a hacker attack. Security researcher Mudit Gupta has reported:
"The hack was complex but the bug was simple."
Subscribe to our Telegram channel to stay up to date on the latest crypto and blockchain news.
Gupta has reported he had previously identified a similar bug in another protocol, however, it has been exploited about a dozen times.
The latest problems that are affecting DeFi users are related to the recent update of the decentralized exchange Uniswap, which has given liquidity providers the ability to customize some parameters. For example, to increase their profits, they can define a price range in which liquidity will be provided. As a result, liquidity providers are motivated to adjust the range as precisely as possible and are forced to make changes when it is exceeded.
One of Popsicle Finance's products, Sorbetto Fragola, helps solve this problem by placing assets in the most profitable pools in exchange for a small fee. A bug has been discovered in this one that has resulted in users suffering large losses.