The Zunami Protocol, a prominent player in the realm of decentralized finance (DeFi), recently issued a cautionary advisory to its user base, urging them to refrain from acquiring its Zunami Ether (zETH) and Zunami USD (UZD) stablecoins. This advisory came in the wake of a concerning incident that unfolded within the protocol’s ecosystem – an attack on its “zStables” pools hosted on the Curve Finance platform.
The pivotal moment arrived on August 13th when the Protocol officially acknowledged the occurrence of an attack via a post on their Twitter account, codenamed “X.” In their announcement, they disclosed that the stablecoin pools had indeed been subjected to an assault. However, they also emphasized that the security of the collateral remained intact as they initiated a comprehensive investigation to uncover the potential vulnerabilities exploited in the process.
Zunami hack
A deeper dive into the technical aspects of the situation reveals that the nefarious activity led to a significant monetary loss for the Protocol. According to estimations made by PeckShield, a reputable blockchain security firm, the pilferage amounted to a staggering $2.1 million. PeckShield attributed the breach to a critical issue involving price manipulation, which allowed the attacker to siphon off the substantial sum. Interestingly, another respected player in the blockchain security arena, Ironblocks, concurred with this assessment, further corroborating the scale of the attack.
In a testament to the swift responsiveness of the security experts in this field, PeckShield was among the first to detect the breach on Curve Finance, pinpointing the event on August 13th at precisely 10:47 UTC. This initial identification was later validated when the Protocol itself confirmed the incident roughly 20 minutes later. The coordinated effort between security firms and the protocol demonstrates the collaborative nature of the blockchain community in addressing such challenges.
The Protocol, recognized as a decentralized revenue aggregator protocol, operates by enabling users to engage in yield staking using stablecoins. One of its primary hubs for this activity lies within the Curve platform. Unfortunately, this attack had a severe impact on two integral components of Zunami’s ecosystem – the Zunami USD stablecoin and the Zunami Ether.