Share this article
ZkSync's Largest Lender Struck by $3.4M Exploit
EraLend said the threat has been contained, but advises against deposits.
Updated Jul 25, 2023, 1:48 p.m. Published Jul 25, 2023, 1:34 p.m.
Make us preferred on Google
EraLend, the largest lending protocol on Ethereum scaling blockchain zkSync, has been hit by a $3.4 million read-only reentrancy attack, according to blockchain security firm CertiK.
The total amount of capital locked on EraLend slumped to $10.75 million from $18.5 million following the exploit, DefiLlama data indicate.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
"We've experienced a security incident on our platform today. The threat has been contained. We've suspended all borrowing operations for now and advise against depositing USDC. We're working with partners and cybersecurity firms to address this. More updates to follow," EraLend wrote in a tweet.
A read-only reentrancy bug allows an attacker to manipulate asset prices by flooding a smart contract with repeated calls in order to steal assets.
Decentralized finance (DeFi) protocol Conic Finance was hit by a similar attack last week with the total loss of $3.6 million.
UPDATE (July 25, 13:50 UTC): Removes space from EraLend's name throughout.
More For You
Pudgy Penguins is building a multi-vertical consumer IP platform — combining phygital products, games, NFTs and PENGU to monetize culture at scale.
What to know:
Pudgy Penguins is emerging as one of the strongest NFT-native brands of this cycle, shifting from speculative “digital luxury goods” into a multi-vertical consumer IP platform. Its strategy is to acquire users through mainstream channels first; toys, retail partnerships and viral media, then onboard them into Web3 through games, NFTs and the PENGU token.
The ecosystem now spans phygital products (> $13M retail sales and >1M units sold), games and experiences (Pudgy Party surpassed 500k downloads in two weeks), and a widely distributed token (airdropped to 6M+ wallets). While the market is currently pricing Pudgy at a premium relative to traditional IP peers, sustained success depends on execution across retail expansion, gaming adoption and deeper token utility.
More For You
UAE's central bank has approved a USD-backed stablecoin
The USDU stablecoin is issued by Universal Digital, a crypto firm regulated by the Financial Services Regulatory Authority (FSRA) of Abu Dhabi Global Market (ADGM).
What to know:
- Reserves backing USDU are held 1:1 in safeguarded onshore accounts at Universal’s banking partners: Emirates NBD and Mashreq, with Mbank.
- Digital asset infrastructure firm Aquanow has been appointed as a global distribution partner, supporting institutional access to USDU outside the UAE.
Top Stories
