DeFi building block service Furucombo exploited for $14M

Furucombo, a drag and drop tool for users to create DeFi transactions, has been exploited.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

The exploiter has stolen roughly $14M in ETH and ERC-20 tokens. According to The Block Research's Igor Igamberdiev, the exploiter used a fake contract to trick Furuсombo into thinking that Aave v2 had a new implementation and used this contract to transfer all approved tokens from Furucombo into their wallet.

According to a tweet from Furucombo, the project "believe" that the vulnerability has been patched and is "working on the next steps and will update our community as soon as we can."