Resupply: Hacker Attack Results in Approximately $10 Million reUSD Bad Debt, Stolen Funds Remain On-Chain

Resupply has released an analysis report on the recent hacking incident, stating that the attack targeting the crvUSD-wstUSR trading pair on Resupply resulted in approximately $10 million in reUSD bad debt. However, the vulnerability was only present in this specific token pair, and other trading pairs were not affected, with the Resupply market continuing to operate as usual. Currently, the debt limit for the affected trading pair has been set to zero and withdrawals from the insurance pool have been suspended; a formal governance vote is required to lift the suspension. The problematic code segment had undergone multiple security audits and was reviewed by independent researchers, but the issue was not reported. At this stage, the stolen funds remain on-chain, and the situation is being closely monitored with necessary measures to be taken as needed.