EddieJayonCrypto

 26 Jun 25

tl;dr

Resupply, a decentralized stablecoin protocol linked to Convex Finance and Yearn Finance, was exploited for $9.5 million through a price manipulation attack in a low-liquidity market. The attacker used flash loans and manipulated the cvcrvUSD token price to bypass collateral checks, borrowing nearly...

Resupply, a decentralized stablecoin protocol connected to Convex Finance and Yearn Finance, suffered a significant exploit resulting in a $9.5 million loss. The attacker employed flash loans and manipulated exchange rates in a low-liquidity market, artificially inflating the price of the cvcrvUSD token to bypass solvency checks and borrow nearly $10 million worth of reUSD tokens with minimal collateral.

Following the breach, the stolen tokens were swiftly converted into USDC and wrapped Ethereum (WETH). Portions of these funds were anonymized using Tornado Cash before being dispersed across multiple addresses. Resupply promptly paused the affected market segment and confirmed the incident, committing to release a detailed post-mortem report soon.

This attack is part of a troubling trend of increasingly sophisticated DeFi exploits. It follows recent high-profile breaches such as the $49 million hack of Iranian exchange Nobitex and the $223 million exploit of Sui-based decentralized exchange Cetus. These incidents highlight evolving tactics where attackers leverage complex vulnerabilities in liquidity pools and decentralized protocols rather than direct exchange hacks.

Moreover, the focus of cybercriminals appears to be shifting towards trusted crypto data platforms rather than traditional exchange targets. Former Binance CEO Changpeng Zhao has noted a rise in phishing attacks against platforms like CoinMarketCap and Cointelegraph, aiming to deploy wallet-draining scams rather than breach exchange infrastructures directly.

Resupply’s exploit underscores the importance of rigorously testing DeFi protocols and maintaining vigilant market monitoring. As decentralized finance continues to grow, these events serve as stark reminders of the risks involved and the continual evolution of the threat landscape within the crypto ecosystem.

Disclaimer

The opinions expressed by the writers at Grow My Bag are their own and do not reflect the official stance of Grow My Bag. The content provided on our site is not intended as investment advice, and Grow My Bag is not an investment advisor. We do not endorse buying or selling any cryptocurrencies or digital assets mentioned in our articles. High-risk investments in Bitcoin, cryptocurrencies, and digital assets require thorough due diligence, and all transfers and trades made are at your own risk. Grow My Bag is not responsible for any potential losses and participates in affiliate marketing.
 27 Jun 25
 27 Jun 25
 27 Jun 25