Hacker who stole $160 million decided to make money on them by adding them to liquidity on DEX Curve

Curve protocol developers say that no one can forbid anyone to make deposits. And the platform code is unchangeable

A cryptocurrency hacker has become the leader among liquidity providers in Curve Finance’s DeFi-platform pool. In doing so, using the $160 million he stole from the Wintermute protocol.

Wintermute is a major cryptocurrency market maker, providing liquidity to more than 50 crypto platforms. Such as Binance, Kraken, Coinbase and many others were attacked in September 2022. Ninety different digital assets totaling about $160 million were withdrawn from the protocol.

The attacker placed the stolen funds in the Curve Finance trading pool. These assets now represent 28% of the roughly $400 million placed in Curve’s decentralized liquidity pool, Curve 3pool.

Curve is the largest decentralized crypto exchange (DEX) deployed on the Ethereum network. According to DeFiLlama, its Total Value Locked (TVL) is about $4.5 billion.

Also Curve allows users to trade digital assets without intermediaries. They trade tokens through liquidity pools. Another part of the users provides this liquidity, for which they are charged a commission.

The liquidity providers get a small commission every time someone uses the pool to exchange tokens. The Curve 3pool platform is focused on exchanging stablecoins Tether (USDT), USD Coin (USDC) and Dai (DAI).

Because the code of Curve protocol cannot be changed after its deployment in the Ethereum blockchain. Its creators have no control over who uses the protocol or provides liquidity in the pools.

Our experts point out that even the managers of the protocol cannot change the code where the funds are stored. DEX exchange officials also noted that it is impossible to disable protocol without completely shutting down the Ethereum blockchain.