UwU Lend Victim of 20M Flash Loans Hack Founder Offers 20 Reward to Recover Funds

UwU Lend fell victim to hackers on Monday, losing $20 million due to price oracle manipulation. The entire crypto community was shocked by this incident, as the attacker utilized a substantial flash loan to exploit a protocol in its price feed.

The attack unfolded through a flash loan of $3.15 billion in assets, as reported by CertiK alerts. The attacker strategically divided these assets: half were borrowed to establish a leveraged position through recursive debt, while the remaining half impacted the value of five oracles and inflated the sUSDE token.

By conducting continuous liquidations, the attacker acquired additional uWETH tokens. Subsequently, the hacker manipulated prices back to normal, returned the flash loan, and walked away with approximately $19.3 million worth of assets in three transactions. As of now, the hacker’s wallet holds around $19.4 million.

In response to the hack, Michael Patryn, also known as Michael Patryn or 0xSifu, a co-founder of the now-defunct Quadriga CX, made an offer directly to the hacker. Patryn offered a 20% reward for the recovery of the stolen assets. The message from Patryn, posted on Ethereum, stated, “We are giving a 20% white hat bounty of any funds taken. You will have no exposure as to our continuing this and no exposure as to law enforcement matters.”

This offer translates to approximately $4 million for the hacker if they return the remaining $16 million in crypto-coins. While such offers are common in the crypto market, hackers typically do not take advantage of them, with some exceptions.

UwU Lend, a lending protocol created in 2022 as a clone of the Aave lending protocol, was vulnerable to manipulation due to the simplicity of its price oracles. By exploiting a flash loan, the hacker drained $20 million from the protocol, potentially using a loan amounting to $4 billion.

For more on hacking incidents, check out our article on Orbit Chain being hacked for $48 million.