Peapods Finance, a DeFi protocol focused on leveraged yield strategies, was seemingly exploited in a smart contract attack on Tuesday, July 8, that led to the unauthorized withdrawal of roughly $200,000 worth of ETH. The apparent exploit was flagged in initial assessments by on-chain security firms CertiK and PeckShield. Amid the news, the protocol’s native token, PEAS, briefly fell 5% to $3.55 before recovering to $3.74 at press time, up 3% over the past 24 hours. The token's market cap currently stands near $37 million, while Peapods’ total value locked (TVL) remains around just $10 million, per data from DefiLlama. The protocol's TVL peaked near $34 million in March 2024. PEAS 24-hour price chart. Source: DeFiLlama Launched in mid-2023, Peapods Finance’s stated aim is to turn market volatility into yield. The incident appears to involve a price manipulation targeting the WETH/aspLONGsUSDe oracle, which may have been pushed to an abnormally high level to facilitate the drain, blockchain analysts at TenArmorAlert noted in an X post yesterday. Peapods exploit report. Source: CertiK On-chain data indicates that over 78 ETH, worth over $207,000 at current prices, was transferred to the suspected attacker through a series of transactions involving Wrapped Ether (WETH) and newly minted tokens. Blockchain research firm BlockSec Phalcon noted in an X post that the attacker hit multiple contracts: they pulled off the first exploit successfully, “but its second attempt was front-run by Yoink—a well-known MEV frontrunner.” The research firm suggested that Peapods Finance try to get in contact with Yoink. Public Response Following the exploit, the Peapods team posted in their permissioned Telegram group that the affected Pod — the name of Peapods’ custom tokens made for generating yield from price swings between uncorrelated assets — was podETH on the Ethereum mainnet, emphasizing that the issue was not at the contract level and that isolated Pods and metavaults — specialized vaults managing multiple Pods — remain secure. “The issue seems to be an underlying bad oracle for that specific pod, which is a user configuration issue. The team is currently working with auditors and discussing the matter internally. More information will be shared once the team has concluded their investigation. We ask for your patience in the meantime!” the team said. The team has not posted anything about the exploit on their official X account by press time. In response to The Defiant’s request for comment on the incident and why the team hadn’t posted on X, a Peapods Finance representative said that the “team has been working on a report.” In May, an attacker exploited top Sui DEX Cetus Protocol’s smart contract to drain $223 million worth of SUI. According to a recent SlowMist report, DeFi platforms were the most frequent targets of security incidents in the first half of 2025.
Shiba Inu Smashes Triangle Pattern Against Bitcoin, But Looks Weak Against Dogecoin
2 hour ago
Morning Release from South Korea! Two New Altcoins Listed, Prices See Sharp Rise!
2 hour ago
SEC’s Cryptocurrency Leader Hester Peirce Issues Serious Warning to the Crypto Sector
2 hour ago
XRP Traders Target $6 as Ripple’s RLUSD Surges Past $500M Market Cap
2 hour ago
PUMP Lingers at 40% Premium Over ICO Price on Hyperliquid Ahead of Pump.fun Token Sale
2 hour ago
Tron (TRX) Founder Justin Sun Announces Intention to Buy $100 Million in Surprise Altcoin
2 hour ago