Seneca Stablecoin Protocol Hacked for $6 Million Due to Smart Contract Vulnerability

On February 28, the stablecoin protocol Seneca confirmed an exploit that resulted in a loss of 1,900 ETH (approximately $6 million) across the Ethereum and Arbitrum networks.

Details of the Exploit

According to a report from the security firm Blocksec, the exploit was caused by an "arbitrary call" vulnerability in Seneca's smart contract. This flaw allowed the attacker to execute unauthorized token transfers from the contract to external addresses.

Due to the design of the smart contract, which did not allow for a project-wide pause, Seneca urged users to revoke previously granted permissions to prevent further losses.

Impact and Response

The value of Seneca's token, SEN, plummeted by more than 60% following the news of the hack, dropping from $0.1 to just $0.04.

Price chart of SEN following the hack, captured at 14:00 on February 29, 2024, on CoinGecko

About Seneca

Seneca is a DeFi CDP (Collateralized Debt Position) protocol on Arbitrum. Its main product is senUSD, a stablecoin pegged 1:1 to the US dollar. The Seneca protocol allows users to mint and lend senUSD based on price differences across platforms.

Conclusion

This incident highlights the critical importance of robust security measures in the development and deployment of DeFi protocols. The Seneca team and its community now face the challenging task of recovering from this exploit and reinforcing their smart contract security to prevent future breaches.