Share this article
DeFi Protocol Conic Finance Hacked for 1,700 Ether
Security firm BlockSec said that the root cause of the attack was price manipulation caused by "read-only reentrancy."
Updated Jul 21, 2023, 2:04 p.m. Published Jul 21, 2023, 2:04 p.m.
Decentralized finance (DeFi) protocol Conic Finance said Friday that it had suffered an exploit that allowed an attacker to grab over 1,700 ether , worth over $3.6 million at current prices, that affected one of its Omnipools.
Security firm BlockSec said that the root cause of the attack was price manipulation caused by "read-only reentrancy." Reentrancy is a common bug that allows attackers to trick a smart contract by making repeated calls to a protocol in order to steal assets. A call is an authorization for the smart contract address to interact with a user’s wallet address.
STORY CONTINUES BELOW
We are currently investigating an exploit involving the ETH Omnipool and will share updates as soon as they are available.
— Conic Finance (@ConicFinance) July 21, 2023
Conic Finance, which went live on March 1, allows users to deposit tokens into its Omnipools, a new product that diversifies exposure across the Curve ecosystem while increasing rewards. The protocol attracted millions of dollars in capital shortly after going live, suggesting huge demand for such a product.
Each Omnipool allocates liquidity of a single asset into different Curve pools. All Curve liquidity provider (LP) tokens get staked on Convex to boost Curve (CRV) rewards earnings. Convex (CNX), another Curve ecosystem token, is also rewarded, as is Conic (CNC), Conic’s native token.
Meanwhile, Conic Finance developers tweeted that they were continuing to investigate the root cause of the exploit and were consulting with relevant parties.
The developers added that they had closed the faulty pool that apparently allowed the hack to take place. "We have disabled ETH Omnipool deposits on the Conic front end," they wrote.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
NFT Project Pudgy Penguins Takes Over Las Vegas Sphere in Holiday Campaign
The NFT brand’s animated segments will air on the Sphere across Christmas week, signaling the crypto company's move into real-world consumer markets.
What to know:
- Pudgy Penguins will run an ad campaign at the Las Vegas Sphere during Christmas week, one of the few crypto brands to secure a spot at the high-profile venue.
- The NFT project, which launched on Ethereum in 2021, has expanded into physical toys and digital gaming as part of a broader consumer push.
- Pudgy Penguins briefly overtook Bored Apes in floor price earlier this year and recently launched its PENGU token on Solana, now trading on major exchanges.
Top Stories
