Statemind reveals 2-year-old exploit in Keep3r Network and 6 other protocols

CYBERSECURITY

DUBAI, UAE /PRNewswire/ -- Statemind, a leading blockchain security auditing firm, has announced that it has discovered a two-year-old exploit in the popular DeFi protocol Keep3r Network and related protocols. This development is significant as it continues the emergence of Statemind as a major player in the smart contract auditing sector.

Major Exploit Discovered In Keep3r Smart Contract

Keep3r is one of the projects from Andre Cronje, the brain behind the legendary DeFi project Yearn.Finance. According to the report, Statemind's team of expert auditors found the exploit in the GuageProxyV2 contract on Keep3r Network. GuageProxyV2 contract is a unique smart contract that distributes reward tokens on the Keep3r network, and auditors found a vulnerability that could allow an attacker to boost voting weights for rewards.

This was due to an imbalance in the `_vote()` function that enabled the passing of the same tokens in the `_tokenVote` array. So, in theory, an attacker could increase the voting weight of a particular token with a relatively small balance of the tokens, thereby manipulating the balancing system within Keep3r network.

Exploit Further Discovered In Six Other Blockchain Projects

Interestingly, the exploit had been active for the past two years, but no funds had been lost. Following this discovery, Statemind submitted a report to Keep3r network, which is expected to make the necessary changes to eliminate the exploit.

Also, the smart auditing platform immediately scanned for projects with similar exploits using a smart contract sanctuary of verified contracts. This action led to the discovery of several blockchain projects with similar vulnerabilities within their smart contracts, and Statemind contacted them with their report.

In total, the exploit vulnerabilities affected six blockchain projects and five chains. These include Pickle Finance, Milky Swap, Venera Swap, Keep3r Network, and Snowball Finance.

-Ends-

About Statemind

Statemind is a smart auditing platform that has made significant strides in recent weeks. Its biggest move prevented what could have been the third-largest hack in DeFi history when it discovered some vulnerability on the Avalanche blockchain.

Statemind has more than 100,000 LoC worth of Solidity and Vyper experience. Combined, the auditing firm has secured over $10 billion in TVL and counts LIDO, 1INCH and Yearn.Finance as some of its clients.

To learn about Statemind, visit the statemind.io website or follow Statemind on Twitter.

Contacts:
Alsu Irkabaeva, alsu.pr@statemind.io
King Eezzy, ezzyking.pr@statemind.io

Statemind reveals 2-year-old exploit in Keep3r Network and 6 other protocols

DISCOVER MORE

NEOM hosts leading industry figures and investors for its ‘Discover NEOM’ China showcase

The Potcast Productions Company secures an early financing round to expand into Saudi Arabia and the UAE

Red Sea Global and Warner Bros. Discovery unite on Red Sea coral documentary

Areeba solidifies leadership in MENA payment infrastructure with Mastercard certification

Tamkeen and UpGradelle partner to provide international training for engineering and ICT students

Riding the wave of Bitcoin innovation this halving season

QIB Profit grows by 5.5% to reach QAR 955mln for three months’ period ended 31 March 2024

Samsung Electronics ranks first in global digital signage market for 15th consecutive year

Albal Design launches UAE's first science based interior design concept

Emirates REIT achieves highest ever property income

Changer, leading European club for high-net individuals, sets its sights on Dubai to foster innovations and angel investments

Beltone Venture Capital signs partnership agreement with UAE-based investment group Citadel International Holdings

The Starbucks Foundation and Alshaya Starbucks are committed to providing humanitarian aid in Gaza

British Chamber highlights cybersecurity industry in boosting UK-PH trade

Local tech company helps drive cybersecurity awareness in Cebu, Philippines

Apple warns of 'mercenary spyware attack' on users in India, 91 other countries

As Eid approaches, beware of rise in cyberattacks

NBK warns customers of ‘scams’ when donating online to charities in Kuwait

LATEST VIDEO

VIDEO: Shipping freight rates may rise amid rising tensions between Iran, Israel

ZAWYA COVERAGE

Qatar Islamic Bank posts 5.5% rise in Q1 2024 net profit; misses estimate

Wealth from Saudi Arabia’s mining sector tops $2.5trln

Saudi’s NEOM plans to raise $1.3bln from first-ever sukuk sale: Bloomberg

VIDEO: Shipping freight rates may rise amid rising tensions between Iran, Israel

Dubai extends remote work for govt employees till Friday

Dollar eases, still close to 5-1/2 month high on Fed, Mideast focus

Osaka beaten in first round in Rouen on clay return

Gold drifts higher as Middle East turmoil lifts appeal

IMF, asked about U.S. tariff hike plans, says open trade is vital

THE BRI REPORT

China’s flagship global infrastructure initiative is changing in the face of potent headwinds