Close Menu
    Facebook X (Twitter) Instagram
    • Privacy Policy
    • Terms Of Service
    • Social Media Disclaimer
    • DMCA Compliance
    • Anti-Spam Policy
    Facebook X (Twitter) Instagram
    Deep Tech Ledger
    • Home
    • Crypto News
      • Bitcoin
      • Ethereum
      • Altcoins
      • Blockchain
      • DeFi
    • AI News
    • Stock News
    • Learn
      • AI for Beginners
      • AI Tips
      • Make Money with AI
    • Reviews
    • Tools
      • Best AI Tools
      • Crypto Market Cap List
      • Stock Market Overview
      • Market Heatmap
    • Contact
    Deep Tech Ledger
    Home»Crypto News»DeFi»StakeDAO vsdCRV Attacker Limited to $91K By Thin Liquidity
    Cointelegraph
    DeFi

    StakeDAO vsdCRV Attacker Limited to $91K By Thin Liquidity

    May 27, 20262 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email
    ledger


    An attacker minted more than 5.4 trillion vsdCRV on Arbitrum after a suspected compromise of a StakeDAO-linked deployer key, though thin liquidity limited the realized proceeds to about $91,000.

    Blockchain security firm PeckShield said Wednesday the attacker swapped part of the minted vsdCRV for 43.7 Ether (ETH), worth about $91,000, and bridged the funds to Ethereum. Onchain analyst EmberCN said the attacker swapped about 16.83 million vsdCRV, while the remaining tokens had little meaningful liquidity to exit.

    EmberCN estimated the 5.4 trillion vsdCRV at about $763 billion on paper, though the figure does not represent the attacker’s realized profit or the protocol’s confirmed loss.

    The incident highlights the gap between nominal token values and extractable value in decentralized finance exploits, where attackers can mint enormous token amounts but only cash out what available liquidity allows. In this case, the attacker’s proceeds were limited by the small size of vsdCRV liquidity pools.

    ledger

    StakeDAO said it was aware of the incident and warned its users not to interact with vsdCRV.

    Stake DAO said it was aware of the incident. Source: Stake DAO

    Incident points to a deployer-key compromise 

    Shalev Keren, chief product officer and co-founder of crypto key-management firm Sodot, told Cointelegraph that the StakeDAO incident was “structurally similar” to other deployer-key compromises seen this year, including the Wasabi incident last month, which drained about $5.5 million in crypto. 

    Keren said a single StakeDAO deployer key on Arbitrum was used to repoint the vsdCRV cross-chain bridge configuration to an attacker-controlled contract on Ethereum. About 25 seconds later, that contract sent a LayerZero message back to Arbitrum, causing the legitimate Arbitrum token to mint more than 5 trillion vsdCRV to the attacker.

    Related: Crypto hackers stole $17B over past 10 years: DefiLlama

    “There is no smart contract bug here and no flaw in LayerZero,” Keren said. “There is one private key, controlling one privileged configuration function, with no multi-signature and no delay between the configuration change going through and the mint clearing onchain.” 

    Keren said the broader issue for DeFi protocols in 2026 is no longer only whether contracts are audited, but whether the operational keys behind those contracts remain single points of failure. 

    Magazine: ETH bears growling, Tom Lee’s buying, XRP to ‘explode’: Market Moves



    Source link

    bybit
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    CryptoExpert
    • Website

    I’m someone who’s deeply curious about crypto and artificial intelligence. I created this site to share what I’m learning, break down complex ideas, and keep people updated on what’s happening in crypto and AI—without the unnecessary hype.

    Related Posts

    Aave Brings V4 to Avalanche as Tokenized Asset Market Grows

    July 16, 2026

    Ostium Pauses Trading After Apparent Oracle Exploit Targets OLP Vault

    July 15, 2026

    Dragonfly Pushes Back on DeFi AI ‘Hackpocalypse’ Fears

    July 15, 2026

    Humanity Protocol to Prioritize Operational Security following $36M Hack

    July 14, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    bybit
    Latest Posts

    Examining Google DeepMind’s AI bioresilience push

    July 16, 2026

    Steak ‘n Shake credits Bitcoin for company growth

    July 16, 2026

    Trump and Pelosi Secretly BUYING the SAME 10 Stocks

    July 16, 2026

    Bitcoin Realized Losses Join A Growing Number Of Early BTC Price Bottom Signals

    July 16, 2026

    Kraken API Partner Program Introduces Developer Upgrade Features

    July 16, 2026
    murf
    LEGAL INFORMATION
    • Privacy Policy
    • Terms Of Service
    • Social Media Disclaimer
    • DMCA Compliance
    • Anti-Spam Policy
    Top Insights

    Bitcoin Drops Back to Its Local Range as Bear-Market History Repeats

    July 17, 2026

    Ai Course Creator (Guide 2026)

    July 17, 2026
    murf
    Facebook X (Twitter) Instagram Pinterest
    © 2026 DeepTechLedger.com - All rights reserved.

    Type above and press Enter to search. Press Esc to cancel.