Purrlend disclosed that it experienced a security incident last week, resulting in losses of approximately $1.52 million.

CoinFeed reported on May 1st that Purrlend suffered a security incident on April 25th, resulting in a loss of approximately $1.52 million on its HyperEVM and MegaETH deployments. Attackers compromised two-thirds of the team's administrator multisignature wallets, granting malicious addresses multiple administrator privileges, including BRIDGE_ROLE. They then minted approximately 2 million pUSDm and 4.85 million pUSDC without collateral using the mintUnbacked function, using these as collateral to borrow real assets from the liquidity pool. HyperEVM suffered a loss of approximately $1.2 million, and MegaETH a loss of approximately $325,000. Purrlend has suspended the protocol, revoked permissions, and contacted law enforcement and blockchain analytics firms to trace the funds.