吴说区块链
吴说区块链|7月 07, 2026 17:08
Wu Blockchain has learned that Summer.fi released a post-mortem report on the Lazy Summer Protocol USDC Vault attack. The report states that on July 6, attackers exploited flaws in the net asset value (NAV) calculation mechanism of two Ethereum USDC Vaults. Using a flash loan in a single atomic transaction, they manipulated share prices and stole approximately $6.04 million in assets. Specifically, the LowerRisk USDC Vault lost about $5.64 million, while the HigherRisk USDC Vault lost around $400,000. The report clarifies that the issue was not due to a smart contract vulnerability or private key leak. Instead, it stemmed from overvalued assets injected into the Ark strategy, which had been discontinued but was still included in the NAV calculation. This caused an artificial inflation of vault share prices, enabling the exploit. Following the incident, the protocol suspended all Vaults and set deposit limits to zero. The team is currently collaborating with SEAL 911, Blockaid, CertiK, PeckShield, Cyvers, and others to trace the stolen funds. Compensation plans will be determined through Lazy Summer DAO governance. https://www.(wublock123.com)/news/summer-fi-lazy-summer-attack-not-contract-bug-nav-exploit-64172
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads