Hackers Exploit Cork Protocol to Steal $12M in wstETH Tokens

“`html

Hackers have stolen tokens worth approximately $12 million by exploiting a vulnerability in a wrapped staked Ethereum (wstETH) contract. This incident occurred on the decentralized finance (DeFi) platform Cork Protocol, raising concerns about the security of smart contracts within the DeFi ecosystem. On May 28, 2025, blockchain security firm SlowMist identified a potential flaw involving 3,760 wstETH tokens, which led to the exploit.

Security Incident at Cork Protocol

Cork Protocol confirmed the breach shortly after the report surfaced. The platform described it as a “security incident” that targeted wrapped staked Ethereum tokens and wrapped Ethereum (wETH) tokens. As a precautionary measure, the protocol paused all smart contracts to investigate the matter further and minimize potential risks.

In an official statement, Cork Protocol assured users that other markets on the platform remained unaffected. The team is actively working to resolve the issue and has committed to providing updates as more information becomes available.

How Did the Exploit Unfold?

According to blockchain security experts at Cyvers, the attacker deployed a malicious contract funded by a wallet address starting with 0x4771…762B. This wallet address is believed to be associated with a service provider, such as a DeFi protocol, exchange, or bridge that Cork Protocol was utilizing.

The exploit unfolded rapidly. Within just 16 minutes of deploying the malicious contract, the attacker executed the exploit and swapped the stolen wstETH for Ethereum. As of now, the stolen ETH remains in the attacker’s wallet and has not been moved to other accounts or platforms.

Understanding Cork Protocol’s Role in DeFi

Cork Protocol specializes in providing users with tools to hedge against the risk of token depegging. This includes securitizing markets for wrapped tokens such as wstETH, wETH, and other liquid staking or restaking tokens. One of its core offerings is the trading pair of wstETH to wETH, which was directly impacted by this exploit.

Wrapped tokens, like those supported by Cork Protocol, are essential for enabling advanced DeFi operations that cannot be executed with native assets. However, they also come with additional risks, such as counterparty vulnerabilities and susceptibility to hacks. When a wrapped token is exploited or mishandled, its value can drop below that of its unwrapped counterpart, potentially leading to significant financial losses for users.

Key Risks of Wrapped Tokens

• Smart Contract Vulnerabilities: Bugs or flaws in the code can be exploited by attackers.
• Counterparty Risk: Dependence on third-party protocols or bridges can expose users to failures or malicious actions.
• Depeg Risk: Wrapped tokens may lose their value relative to the original asset in the event of a hack or market instability.

Features of Cork Protocol

To mitigate these risks, Cork Protocol offers options for users to buy depeg swaps. These swaps act as a form of insurance, protecting users if the value of their wrapped tokens falls below their peg. In addition to the wstETH-to-wETH market, Cork Protocol provides securitization for other token pairs, including:

• wETH to wstETH: A liquid staking-focused market.
• sUSDS to USDe: Stablecoin securitization.
• sUSDe to USDT: Another stablecoin-focused market.

While these features offer enhanced flexibility and risk management, they also underscore the importance of robust security measures to protect user funds.

What This Means for DeFi Users

This incident highlights the ongoing challenges and risks associated with decentralized finance. Users engaging in DeFi activities must remain vigilant and consider the inherent vulnerabilities of wrapped tokens and smart contracts. Here are some tips to help safeguard your investments:

• Research Protocols Thoroughly: Understand the security measures and audits conducted by the platforms you use.
• Diversify Investments: Avoid putting all your funds into a single protocol or asset.
• Use DeFi Insurance: Consider platforms offering insurance or depeg swaps to mitigate potential losses.
• Monitor Transactions: Regularly check your wallet activity and stay informed about potential exploits.

As the DeFi space continues to evolve, incidents like this serve as a reminder of the importance of prioritizing security and managing risks effectively.

“`