Ethereum Lending Protocol XCarnival Hit With $3.8M Exploit, Recovers 50%

Oliver Knight

Updated June 27, 2022 at 1:10 p.m.·1 min read

Don't miss CoinDesk's Consensus 2022, the must-attend crypto & blockchain festival experience of the year in Austin, TX this June 9-12.

XCarnival, a platform based on the Ethereum blockchain that acts as a lending aggregator for NFTs (non-fungible tokens), has recovered 50% of the $3.8 million it lost in an exploit.

A hacker exploited a smart contract flaw that allowed a pledged asset to also be used as collateral, in this case a Bored Ape Yacht Club NFT.
The vulnerability was exploited in multiple transactions over a short period of time at 12:03 UTC on Sunday, with the hacker siphoning 3,087 ethers (ETH).
"XCarnival was attacked on June 26, 2022 and suspended part of the protocol," the Singapore-based company wrote on Twitter.
"Currently our smart contract has been suspended, all deposit and borrowing actions are temporarily not supported, please stay tuned, we will confirm the situation as soon as possible," it said.
The XCarnival team offered the hacker a 1,500 ETH bounty, an offer that seemingly been accepted after a wallet tagged as "XCarnival Exploiter" sent 1,467 ETH to the affected wallet, according to Etherscan.
According to the protocol's website, total value locked stands at 2992.05 ETH for borrows and 3014.69 ETH for supply.

Yahoo Sports
Duke to return 3 players from last season's roster after 7th player enters transfer portal
We're about to see what Jon Scheyer is capable of.
8 minutes ago
KGTV - San Diego Scripps
Anchor Lindsey Pena checks out Chicano Park Day preparation
The 53th Chicano Park Day commemoration will be held on Saturday and is open to the public for free.
9 minutes ago
The Independent
Israel ‘carries out strikes on Iran’ as Western allies urge restraint
US administration said to have been given ‘last minute’ notice before strike on Iran
9 minutes ago
The Independent
Man builds entire home next to LA freeway
Home in encampment along 110 Freeway has own front door and electricity, allowing the resident to have lights, a stove and a refrigerator
10 minutes ago
The Independent
Trump’s $175m bond in fraud case should be voided, says New York attorney general
Mr Trump’s hefty bond was posted by California-based Knight Specialty Insurance Company last month
11 minutes ago
KOAT - Albuquerque Videos
Cold for eastern New Mexico, milder west
Cold for eastern New Mexico, milder west
11 minutes ago
CBC
Salt River First Nation chief, suspended for 17 months, wins another court judgment
Salt River First Nation's council can no longer have meetings to keep suspending its chief, a federal court judge has ruled, until the court holds a judicial review of the original suspension.The ruling, published Thursday, is the third federal court ruling since March in favour of Toni Heron, who was elected in September 2022 as chief of the First Nation in Fort Smith, N.W.T. Heron has been suspended for about 17 and a half months.Thursday's ruling from Justice Glennys McVeigh ordered an expedi
11 minutes ago
The Telegraph
‘Significant damage’ after 80 firefighters called to blaze at listed London pub
A historic pub in London’s south-west was damaged in a fire on Friday night, London Fire Brigade said.
12 minutes ago
Business Insider
Trump Media is trying to make it super hard to short its stock
CEO Devin Nunes issued a letter to Nasdaq asking for action against naked short-selling activity on DJT stock.
13 minutes ago
KGTV - San Diego Scripps
Mt Miguel HS student accused of sexually assaulting girl in campus bathroom
A Mount Miguel High School student suspected of sexually assaulting a 15-year-old girl at the Spring Valley campus turned himself in to authorities Thursday.
14 minutes ago
WCVB - Boston
Tribute to the unseen team behind the Boston Marathon broadcast
None of the people you are about to see ran 26.2 miles on Monday, but all probably felt like they did.
14 minutes ago
Reuters
US to withdraw military personnel from Niger, source says
The United States will withdraw its troops from Niger, a source familiar with the matter told Reuters late on Friday, adding an agreement was reached between U.S Deputy Secretary of State Kurt Campbell and Niger's leadership. There were a little over 1,000 U.S. troops in Niger as of last year, where the U.S. military operated out of two bases, including a drone base known as Air Base 201 built near Agadez in central Niger at a cost of more than $100 million. Last year, Niger's army seized power in a coup.
15 minutes ago
KJRH-Tulsa Videos
Local ceramics shop featured at country music star's event in Nashville
Local ceramics shop featured at country music star's event in Nashville
16 minutes ago
Local Journalism Initiative
Essa Township library still one way for residents to save a buck
As the economy continues to wreak havoc with family budgets across the region, local libraries are becoming exponentially more important. With every 17 cent-per-litre gas increase, families have less money available for recreational or educational needs. Many of them are turning to their local library for more than just a good book. “Today’s library is so much more than it was when I was growing up,” Judith Hunter, chair of the Essa Public Library Board, said during an afternoon chat at the Angu
16 minutes ago
The Canadian Press
Yankees delay DJ LeMahieu's minor league rehab assignment because foot has not fully healed
NEW YORK (AP) — The Yankees delayed the start of DJ LeMahieu's minor league injury rehabilitation assignment after an MRI showed the fracture in his right foot has not fully healed. The 35-year-old, a two-time batting champion, has been sidelined since fouling a ball off the foot during a spring training game on March 16. He was to have started the rehab assignment Friday but remained in New York. The earliest he will report to a minor league team is Tuesday. “He’s doing really well and I know h
16 minutes ago
PA Media: UK News
Around 80 firefighters called to battle blaze at historic London pub
The cause of the fire is now under investigation.
17 minutes ago
KGTV - San Diego Scripps
Deadline for San Diego flood victims to apply for FEMA aid set for Friday
San Diego victims of the Jan. 22 storm and flooding are running out of time to apply for assistance from the federal government.
17 minutes ago
Associated Press Videos
Ringo Starr says 'not a lot of joy' in the 1970 documentary 'Let It Be'
Ringo Starr says there's "not a lot of joy" in Michael Lindsay-Hogg’s 1970 Beatles documentary, "Let it Be," which is slated to be made public for the first time when it heads to Disney+ in May. Starr says he prefers what director Peter Jackson did with the footage for his own docuseries, "Get Back." (April 19)
18 minutes ago
The Canadian Press
Toronto FC, New England looking to turn the tide after disappointing showings
Toronto FC and the New England Revolution are both looking to climb out of a hole when they meet Saturday at BMO Field. After a promising start under John Herdman, injury-depleted Toronto (3-4-1) has lost three straight while being outscored 10-3. New England (1-5-1) made it as far as the quarterfinals of the CONCACAF Champions Cup but has found league wins hard to come by under new coach Caleb Porter. Porter sees some similarities with Toronto. "There's a transition that their club's going thro
19 minutes ago
WISN - Milwaukee Videos
Car speeding like a '100-mph missile' slams into a county bus, one dead and seven hurt
MCTS said that car was traveling nearly 100 miles per hour. The impact spun the 40-ton vehicle around in the intersection.
21 minutes ago

Latest Stories