Decentralized Cryptocurrency Protocol, Silofinance, confirmed on Wednesday that hackers misused smart contracts on their networks. Reports from security analysts show that the exploit could have resulted in a loss of around $545,000.
A vulnerability was discovered in a user-controlled input problem for the contract’s OpenLeveragePosition function, according to blockchain security company Peckshield.
We are aware of ongoing security notifications from our Real-Time Risk Monitoring Partner @hypernativelabs.
Ensure that Silo’s core smart contracts, including markets and safes, are not affected.
The scope is limited to smart contracts for automatic leverage…
– Silo Labs (@silofinance) June 25, 2025
The Silo Finance team argued that certain contracts are not part of the main protocol infrastructure and are instead being used to test new leverage features. We have assured users that the platform’s core contracts are not affected.
Following the exploit, Silo’s price plummeted to around $0.04035, down 11% over the past 24 hours. data From Coingecko.
Exploits used tornado cash
The malicious activity came from wallets that received funds through transad cash. This is a mixed encryption service used to obscure transaction trails.
Peckshield reported that the threat intelligence system detected suspicious code 3 minutes and 20 seconds before the exploit was run.
Today, an unpublished audit agreement for leveraged features has been misused. This contract was only tested.
Core contracts are safe – markets and safes. ✅
No user funds were lost except for some Silo Dao funds that were used to test the leverage feature.
we…
– Ayham (AJ) (@ayham_eth) June 25, 2025
In response to the violation, Silofinance suspended the affected contract. The team has issued a statement explaining in X.The range is limited to auto-leveraged smart contracts and is currently suspended. This is the function currently being expanded for testing purposes. ”
Co-founder Aiham Jaabari also spoke about the incident and wrote on his official X account.
“Today, an unpublished audit agreement for leveraged features has been misused. This contract was only tested. The core contract is secure, market and safe. No user funds were lost except for some Silo Dao funds that were used to test the leverage feature. We are in it. ”
SILO said that neither the markets or safe contracts in which the user fund actually holds have been in vain. According to the team, the suspension agreement has not yet been officially rolled out as part of Silo’s main product offering, and user deposits were not affected.
Only funds belonging to Silo Dao, a decentralized autonomous organization that oversees protocol governance, were used on the affected ones. Smart Contract. Internal funds were used to test experimental leverage features and were the only assets lost in exploits.
On-chain analysis shows that silo traders were rushing to off-road or rebalance holding after a breach of smart contract. The 14-day relative strength index (RSI) is below 36, suggesting that the token has entered the territory where it was sold. Meanwhile, the 50-day moving average is well above current price levels, at around $0.055, making it very likely that the silo will continue in the short-term downtrend.
Cork Protocol Exploiter Resurfaces
Earlier today, blockchain security investigators tracked activity on the chain from the Cork Protocol exploit. On the same day as Silo Hack, Peckshield flagged transactions from addresses previously linked to attackers who emitted about $12 million from the Cork protocol in May.
#peckshieldalert #corkprotocol exploiter 2 – Labeled addresses transferred a total of 4,520 $eth (worth ~$11 million) to #tornadocash and donated $10 of eth to #juicebox.
– Peckshieldalert (@peckshieldalert) June 25, 2025
The exploit began by sending 1,410 ETH, worth about $3.2 million, into tornado cash. A few minutes later, another 3,110 ETH passed through the same service, increasing the laundry value to 4,520 ETH. That amounts to about $11 million at current prices.
Security company Certik too Confirmed Transactions, state, “This morning, the Cork Protocol Exploit deposited 4,520.2 ETH (~$11.4 million) into the tornado.”
This is the first fund movement from an exploit-related address since May 28th. The original exploit targeted cork’s wsteth:Weeth Market, leading to the theft of 3,761 wrapped stained ETH (WSTETH).
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
