On an unfortunate day for yet another crypto protocol, an attacker exploited a malicious contract less than 17 minutes after it was deployed, siphoning around $12 million worth of crypto assets.
Cork Protocol, a platform that allows users to trade risk that stablecoins and other crypto instruments lose their peg, fell victim to an attack that also forced it to pause all its markets, while "the team works with auditors to ensure the root cause of the exploit is thoroughly resolved."
The team behind the protocol confirmed that its wstETH:weETH market was exploited on Wednesday, saying that no other markets have been impacted. wstETH and weETH refer to tokenized versions of ethereum (ETH), meaning they represent ETH tokens and can be used in more diverse platforms and for more diverse purposes.
Cork said that 3,761.8 wstETH (around $12 million at the time) was "involved" in the incident. However, no other details about the exploit were provided, as the team has promised to publish their post-mortem report soon.
"We are actively conducting a thorough post-mortem and, in the meantime, are collaborating with the appropriate authorities, tracing experts, and security professionals attempting to recover all funds and safely redeploy the protocol as quickly as possible," Phil Fogel, a co-founder of Cork, said.
Meanwhile, crypto security specialist Cyvers said that their system shows a malicious contract was deployed on May 28th, 2025, at 11:23:19 UTC by an address likely funded by a service provider.
"Just 16 minutes and 45 seconds later, the attacker executed the exploit, gaining 3,761.87 $wstETH, which was quickly swapped to $ETH," Cyvers added.
Meanwhile, a poll has been launched on X, asking what everyone would do if they were the Cork Protocol attacker. Would they steal millions or claim the bug bounty for $100,000? In the final hours of the poll, those in favor of the bug bounty are leading.
Your email address will not be published. Required fields are markedmarked