Peapods Finance Token Slips 5% after Unauthorized $200K Withdrawal

Peapods Finance, a DeFi protocol focused on leveraged yield strategies, was seemingly exploited in a smart contract attack on Tuesday, July 8, that led to the unauthorized withdrawal of roughly $200,000 worth of ETH. The apparent exploit was flagged in initial assessments by on-chain security firms CertiK and PeckShield.

Amid the news, the protocol’s native token, PEAS, briefly fell 5% to $3.55 before recovering to $3.74 at press time, up 3% over the past 24 hours. The token's market cap currently stands near $37 million, while Peapods’ total value locked (TVL) remains around just $10 million, per data from DefiLlama. The protocol's TVL peaked near $34 million in March 2024.

Launched in mid-2023, Peapods Finance’s stated aim is to turn market volatility into yield.

The incident appears to involve a price manipulation targeting the WETH/aspLONGsUSDe oracle, which may have been pushed to an abnormally high level to facilitate the drain, blockchain analysts at TenArmorAlert noted in an X post yesterday.

On-chain data indicates that over 78 ETH, worth over $207,000 at current prices, was transferred to the suspected attacker through a series of transactions involving Wrapped Ether (WETH) and newly minted tokens.

Blockchain research firm BlockSec Phalcon noted in an X post that the attacker hit multiple contracts: they pulled off the first exploit successfully, “but its second attempt was front-run by Yoink—a well-known MEV frontrunner.” The research firm suggested that Peapods Finance try to get in contact with Yoink.

Public Response

Following the exploit, the Peapods team posted in their permissioned Telegram group that the affected Pod — the name of Peapods’ custom tokens made for generating yield from price swings between uncorrelated assets — was podETH on the Ethereum mainnet, emphasizing that the issue was not at the contract level and that isolated Pods and metavaults — specialized vaults managing multiple Pods — remain secure.

“The issue seems to be an underlying bad oracle for that specific pod, which is a user configuration issue. The team is currently working with auditors and discussing the matter internally. More information will be shared once the team has concluded their investigation. We ask for your patience in the meantime!” the team said.

In a comments to The Defiant, a core team member behind Peapods Finance said that the incident “wasn’t a protocol exploit.”

“The issue stemmed from manipulation of low-liquidity Uniswap pools used as TWAP oracles in two user-created Pods (pLONGsUSDe and PodETH). These oracles had sufficient TVL when created but later became vulnerable due to deteriorated liquidity,” the team member clarified.

They added that they’re “actively addressing the situation,” including “offering a bounty to the originator for return of funds, exploring reimbursement options where feasible” and “improving oracle vetting and user risk visibility.”

The team has not posted anything about the exploit on their official X account by press time.

In May, an attacker exploited top Sui DEX Cetus Protocol’s smart contract to drain $223 million worth of SUI.

According to a recent SlowMist report, DeFi platforms were the most frequent targets of security incidents in the first half of 2025.

Disclaimer: This article has been updated to add comments from a Peapods Finance core team member in response to The Defiant's request.