Emre Yumlu 
Cork Protocol, a decentralized finance (DeFi) platform that enables the trading of risks tied to pegged assets, has temporarily paused its contracts after losing approximately $12 million worth of wstETH (wrapped staked ETH).
According to analysis by blockchain security firm Cyvers, the attacker managed to withdraw a total of 3,761.87 wstETH using a malicious smart contract. So far, the stolen funds have only been swapped for ETH and have not yet been dispersed across multiple wallets, which marks a slight deviation from typical on-chain attack behavior.
Phil Fogel, founder of Cork Protocol, confirmed the incident via social platform X, stating: “We have identified a potential exploit in Cork Protocol and have paused all contracts. We are conducting a full investigation into the matter.”
Next-Gen DeFi Model Under Threat
Launched in March, Cork Protocol introduced a new approach to the DeFi space by allowing speculation on the difference between an asset’s intended value and its market price. This model made it possible to trade financial risks linked to depeg events.
The platform had secured backing from notable investors such as a16z Crypto, OrangeDAO, and Steakhouse Financial in September 2024. It was also accepted into the CSX Fall 2024 cohort of a16z Crypto.
This incident once again highlights how security vulnerabilities remain a major challenge in the DeFi sector and emphasizes the importance of reinforcing innovative protocols with robust protective measures.
You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.