ConcentricFi, a liquidity management protocol on the Arbitrum blockchain, has suffered a security breach, with losses estimated at $1.6 million.
Vault Approvals Alert:
ConcentricFi warns users to revoke vault approvals as the exploiter targets them.
Initial CertiK Alert:
Blockchain security firm CertiK's initial alert prompts ConcentricFi's confirmation of the breach.
Threat Actor Identification:
CertiK links the threat actor from the OKX exploit to the ConcentricFi breach through wallet analysis.
Platform Overview:
ConcentricFi operates an Arbitrum-based automated liquidity management platform, utilizing Camelot v3 for yield optimization.
Concentric Vaults Functionality:
Concentric Vaults allow users to deposit LP tokens, optimizing yields algorithmically for liquidity providers.
Yield Optimization Algorithm:
The protocol uses Camelot v3 to maximize yields by reallocating LP tokens among high-yielding investment products.
Social Engineering Attack Vector:
ConcentricFi's report reveals social engineering as the initial attack vector, compromising a team member's wallet.
Upgradeable Vault Contracts Vulnerability:
Although the vaults had been audited beforehand, the upgradeability of the vault contracts led to the breach, allowing the attacker to drain funds.
Exploitation Details:
The attacker upgraded the vault contracts, inserted malicious code, minted new LP tokens, and drained funds from Concentric Vaults.
Root Causes Identified:
The breach stemmed from the lack of multisig-based admin roles and unnecessary vault upgradeability, which together gave the attacker full privileged access.
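One way to watch for the upgrade-then-mint sequence described above, as an added example that is not ConcentricFi's or CertiK's code. It assumes the vault proxies emit the ERC-1967 Upgraded(address) event and that vault shares are ERC-20 tokens whose mints appear as Transfer events from the zero address; every address, block number and the approved-implementation list below is constructed.

```python
# Event signature hashes (topic0). All sample addresses/logs below are constructed.
UPGRADED = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"  # Upgraded(address)
TRANSFER = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"  # Transfer(address,address,uint256)
ZERO = "0x" + "00" * 20

def topic_addr(topic):
    """Indexed address topics are 32 bytes, left-padded; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def audit(logs, approved_impls, window=50):
    """Alert on upgrades to implementations outside the approved list, and on
    share mints a vault emits within `window` blocks of such an upgrade."""
    approved = {v.lower(): {i.lower() for i in impls} for v, impls in approved_impls.items()}
    suspect = {}  # vault -> block number of its unapproved upgrade
    alerts = []
    for log in sorted(logs, key=lambda l: (l["block"], l["index"])):
        vault, topics = log["address"].lower(), log["topics"]
        if vault not in approved:
            continue  # not a monitored vault
        if topics[0] == UPGRADED and len(topics) == 2:
            impl = topic_addr(topics[1])
            if impl not in approved[vault]:
                suspect[vault] = log["block"]
                alerts.append(("UNAPPROVED_UPGRADE", vault, impl, log["block"]))
            else:
                suspect.pop(vault, None)  # back on a reviewed implementation
        elif topics[0] == TRANSFER and len(topics) == 3 and topic_addr(topics[1]) == ZERO:
            start = suspect.get(vault)
            if start is not None and log["block"] - start <= window:
                alerts.append(("MINT_AFTER_UPGRADE", vault, topic_addr(topics[2]), log["block"]))
    return alerts

def pad(addr):
    return "0x" + "00" * 12 + addr[2:]  # address -> 32-byte topic

VAULT_A, VAULT_B = "0x" + "a1" * 20, "0x" + "b2" * 20      # hypothetical vault proxies
GOOD_IMPL, BAD_IMPL = "0x" + "c3" * 20, "0x" + "d4" * 20   # reviewed vs unknown implementation
USER, OTHER = "0x" + "e5" * 20, "0x" + "f6" * 20           # mint recipients
APPROVED = {VAULT_A: [GOOD_IMPL], VAULT_B: [GOOD_IMPL]}
SAMPLE_LOGS = [
    {"block": 100, "index": 0, "address": VAULT_A, "topics": [TRANSFER, pad(ZERO), pad(USER)]},
    {"block": 200, "index": 0, "address": VAULT_A, "topics": [UPGRADED, pad(BAD_IMPL)]},
    {"block": 201, "index": 3, "address": VAULT_A, "topics": [TRANSFER, pad(ZERO), pad(OTHER)]},
    {"block": 205, "index": 1, "address": VAULT_B, "topics": [UPGRADED, pad(GOOD_IMPL)]},
    {"block": 206, "index": 0, "address": VAULT_B, "topics": [TRANSFER, pad(ZERO), pad(USER)]},
]

if __name__ == "__main__":
    for alert in audit(SAMPLE_LOGS, APPROVED):
        print(alert)
```

The ordinary deposit mint at block 100 and the reviewed upgrade on the second vault raise nothing; only the upgrade to the unknown implementation and the mint that follows it are flagged.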
User Action Urged:
ConcentricFi urges users to revoke all approvals and says it is addressing the root causes to enhance security.
ConcentricFi faces a significant security challenge, emphasizing the need for improved protocols and user vigilance.