Decentralized exchange Curve Finance suffered a massive drop in crypto assets after it was hacked on Sunday.
The exchange, which specializes in stablecoins, has announced that it has found a vulnerability in its code that allows hackers to drain some liquidity pools.
After the project advised users to withdraw their funds from the affected pools, there was a 50% reduction in the total locked value.
According to DeFiLlama, Curve Finance had more than $3.1 billion in crypto assets on its platform before the attack. As of Monday, that figure had dropped to $1.62 billion, resulting in a loss of more than $1.5 billion. Some of the funds were stolen by hackers, while others were moved to be hidden by users or white hat hackers.
The attack was caused by a vulnerability in Vyper, a programming language used by many DeFi applications. Curve Finance identified four major liquidity pools that were compromised and asked users to withdraw their funds from these pools.
The hack also affected the price of CRV, Curve Finance's native token. According to CoinGecko, the token has lost 17% of its value since the hack was announced.
This could pose a risk to Michael Egorov, founder of Curve Finance, who has borrowed more than $100 million from various DeFi lending platforms using CRV as collateral. If the price of the CRV drops further, it could face liquidation of its loans.
Egorov said he is working to minimize or eliminate the impact of the hack and reduce his debts. He also said he is confident Curve Finance will get through this event and continue to provide liquidity for stablecoins in DeFi.
According to Kaiko, a crypto data firm, Curve Finance is the largest liquidity provider for stablecoins in DeFi.
*Not investment advice.