Jul 2025 - Peapods Finance aspLONGsUSDe Price Manipulation Attack - $200k (Global)
Peapods Finance is a decentralized finance (DeFi) platform on the Ethereum mainnet that enables users to earn yield through volatility farming. The protocol leverages the price movements of various crypto assets, allowing users to participate in "Pods" that provide exposure to long or short positions, paired assets, or leveraged positions. It is currently in beta, and users are advised that they interact at their own risk due to ongoing development.
As of now, the platform boasts a Total Value Locked (TVL) of $34.5 million across 204 Pods. Users have earned $2 million in yield, while $3.5 million in fees have been generated. Over 549,000 PEAS tokens—the platform’s native token—have been distributed, with around 69,000 PEAS burned, indicating ongoing deflationary mechanisms.
Peapods offers a range of Pods with varying strategies and yields, such as pBOOE (v2), which offers a striking 556.2% APR with a $122.7K TVL, pALVA and pHOHMLONG also offer high APRs at 107.3% and 51.7%, respectively. More moderate returns are seen in pods like pPEASOHM (5%) and pPepecoin (8%), while others like pOHMO (-6.9%) and phOHM (-9.9%) currently reflect negative yields due to volatility.
A user interface on the Peapods Finance website allows filtering and sorting by Pod characteristics (name, ticker, contract, underlying asset, or paired asset), and there's a simplified vs. professional view to accommodate different user levels. Key sections include "Lend," "Bridge," "My Portfolio & Yields," and "Documentation," aimed at providing both accessibility and transparency.
Peapods Finance's Ethereum contracts were reportedly exploited through a price manipulation attack targeting the WETH/aspLONGsUSDe oracle, which was manipulated to reflect an artificially high price.
Victim: 0xd1538a9d69801e57c937f3c64d8c4f57d2967257
Attacker: 0x277da2d1ce5601c0f0133515c19da314fc52a846
Exploit: 0x7212de58f97ad6c28623752479acaeb6b15ad006
Most sources consistently report $200k as the loss figure. CertiK reports ~78 ETH.
The initial attacker successfully executed the first exploit, but their second attempt was front-run by Yoink, a known MEV frontrunner.
Funds gained by the attacker were sent to ChangeNow and FixedFloat.
Funds gained by the attacker were sent to ChangeNow and FixedFloat. Peapods Finance has yet to post any public announcement regarding the exploit.
Peapods Finance has yet to post any public announcement regarding the exploit.
There may be an opportunity to contact Yoink to potentially recover some of the funds or mitigate losses.
Further Analysis
Peapods Finance is a DeFi platform on Ethereum that enables users to earn yield through volatility farming by participating in various Pods with different strategies, including long, short, paired, and leveraged positions. The platform, still in beta, recently suffered a price manipulation attack targeting the WETH/aspLONGsUSDe oracle, resulting in an estimated $200,000 loss. The attacker’s second exploit attempt was front-run by Yoink, a known MEV actor. Stolen funds were funneled through ChangeNow and FixedFloat. Peapods has yet to issue a public statement, but reaching out to Yoink may offer a chance to recover some of the lost assets.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
Texture Finance Vault Rebalance Missing Ownership Check Theft > > < < ERC1967Proxy Upgrade 0x03b79c24 Function Access Control
Sources/Further Reading
SlowMist - "MistEye has detected potential suspicious activities related to @PeapodsFinance. As always, stay vigilant!" - Twitter/X (Dec 31)
Smart Contract Address - Etherscan (Dec 31)
officer_cia - "Attack on @PeapodsFinance, 200k$ lost:" - Twitter/X (Dec 31)
CertikAlert - "@PeapodsFinance have been exploited for ~$200k (~78 ETH). All the funds were sent to ChangeNow and FixedFloat." - Twitter/X (Dec 31)
Analysis Of Transaction By CertiK (Dec 31)
Phalcon XYZ - "@PeapodsFinance’s Ethereum contracts have reportedly been attacked due to a price oracle issue. It looks like the original attacker successfully executed the first exploit, but its second attempt was front-run by Yoink—a well-known MEV frontrunner. It may be possible to contact them to mitigate losses." - Twitter/X (Dec 31)
Attack Transaction - BlockSec (Dec 31)
Second Transaction Which Was Front-run - BlockSec (Dec 31)
Web3Watchdog - "PeckShieldAlert: RT @peckshield: Hi @PeapodsFinance, you may want to take a look" - Twitter/X (Dec 31)
PeckShield - "Hi @PeapodsFinance, you may want to take a look" - Twitter/X (Dec 31)
TenArmorAlert - "Our system has detected a suspicious attack involving #Peapods Finance @PeapodsFinance on #ETH, resulting in an approximately loss of $200K." - Twitter/X (Dec 31)
Peapods Finance - "Something big is coming this week for Peapods Finance. Meanwhile, peas farmers are still locking in high yields across the board" - Twitter/X (Dec 31)
Peapods Finance Homepage (Dec 31)
ohmiegear - "The protocol is @PeapodsFinance the token is $peas" - Twitter/X (Dec 31)
Peapods Finance Twitter/X (Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|