Aevo suffered a loss of 2.7 million USD after an exploit took advantage of manipulated prices from an oracle upgrade. Attackers drained ETH and USDC by exploiting the old Ribbon Finance smart contract.
The exploit involved fake options that manipulated expiry prices, allowing funds to be distributed among 15 wallets, some connected to treasury pools. Security measures were circumvented due to the flaws in the oracle upgrade.
Leave a Reply