The decentralized lending protocol UwU Lend has been the victim of a second exploit this week, with hackers managing to drain around $3.7 million from the platform. This latest incident marks the second time UwU Lend has been compromised through the use of flash loans, with blockchain security firms Beosin and Blocksec attributing both attacks to the same perpetrator.
Another suspicious transaction targeting @UwU_Lend, another $3.7M. https://t.co/HlYhkdKR07 pic.twitter.com/1xjayELAyw
— BlockSec Phalcon (@Phalcon_xyz) June 13, 2024
The stolen funds, which were converted to Ether, currently reside in the attacker’s wallet address. This comes just days after the protocol was hit with a $20 million flash loan exploit on June 10th, which the team had claimed to have resolved the underlying vulnerability.
🚨@UwU_Lend was just under another ~$3.7M exploit by the same attacker on Jun 10.
Attacker:
0x841dDf093f5188989fA1524e7B893de64B421f47 https://t.co/Vr1citK0xs— Beosin Alert (@BeosinAlert) June 13, 2024
UwU Lend’s Troubled History
UwU Lend was established by Michael Patryn, who has previously operated under the aliases Omar Dhanani and 0xSifu. Patryn co-founded the now-defunct cryptocurrency exchange QuadrigaCX, which collapsed amidst allegations of fraud.
“The lending protocol did not immediately respond to The Block’s request for comment.”
Key Points:
- UwU Lend drained for $3.7 million in second exploit this week
- Attack was attributed to the same perpetrator as the previous $20 million flash loan exploit
- Stolen funds converted to Ether and held in the attacker’s wallet
- UwU Lend was founded by Michael Patryn, who has used aliases and co-founded the failed QuadrigaCX exchange
The decentralized lending protocol UwU Lend has once again fallen victim to a flash loan exploit, with hackers managing to drain $3.7 million from the platform. This marks the second such incident this week, as the protocol had previously been hit with a $20 million attack on June 10th.
Blockchain security firms Beosin and Blocksec have attributed both exploits to the same perpetrator, who has now converted the stolen funds to Ether and holds them in their own wallet address. The lending protocol had claimed to have resolved the underlying vulnerability after the first attack, but it appears the issue persisted.
UwU Lend was established by Michael Patryn, a figure with a troubled history in the crypto space. Patryn has operated under various aliases, including Omar Dhanani and 0xSifu, and was a co-founder of the now-defunct QuadrigaCX exchange, which collapsed amidst allegations of fraud.
The lending protocol did not immediately respond to The Block’s request for comment on the latest incident.