UwU Lend, a decentralized finance protocol built on the Ethereum blockchain, has once again fallen victim to an exploit by the same attacker, resulting in the theft of $3.7 million in funds.
This latest incident follows a previous hack just two days ago, where the attacker managed to steal nearly $20 million from the protocol. According to data from Cyvers Alerts, the hacker targeted liquidity pools such as uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, and uUSDT, converting all stolen assets into ETH and storing them in their address.
An X user going by the alias @CryptoEvgen pointed out that the attacker used funds stolen in the first hack to carry out this latest attack. The exact cause of the breach is still unknown, as UwU Lend has not issued a public statement regarding the incident.
This latest exploit comes shortly after UwU Lend experienced a $20 million loss in what was described as a “sophisticated attack.” Reports suggest that the attacker leveraged Curve LlamaLend as the exit liquidity for the theft.
UwU Lend, founded by Michael Patryn, also known as Omar Dhanani or “0xSifu,” offers lending, borrowing, and staking services based on the open-source AAVE v2 code. The platform rewards users with its native token, UwU, by sharing platform revenues.
In a related development, the founder of Frax Finance has accused a “serial scammer” of hacking an X account.