You can check the website statistics yourself or request them from us at [email protected]
On this platform, only organic high-quality traffic
Bitcoin
$ 30,725

SushiSwap Exchange Suffers Major $3.3 Million Smart Contract Hack – Here’s What Happened

The renowned decentralized exchange (DEX), SushiSwap, has faced a setback with losses amounting to over $3.3 million. This resulted from a hacker leveraging a flaw in one of its smart contracts.

The affected contract, named RouteProcess02, aggregates liquidity for trades from different sources and pinpoints the best price for coin exchanges. This contract was taken advantage of, with the exploited assets then spread across various blockchain networks.

Ancilia, a crypto security company, clarified the issue on Twitter, stating: “The root of the problem lies in the internal swap() function. It initiates the swapUniV3() which sets the ‘lastCalledPool’ variable at storage slot 0x00. Subsequently, in the swap3callback function, the permission checks are overlooked.”

A developer known by the pseudonym 0xngmi from DefiLlama has pointed out that the hack likely affects only those users who transacted on the protocol in the recent four days.

0xngmi stated on Twitter, “Those potentially impacted by the Sushiswap breach should be individuals who conducted swaps on Sushiswap within the past 4 days. If you’re among them, it’s advisable to either revoke approvals promptly or transfer funds from the compromised wallet to a new one.”

There has already been a reported casualty of the hack. A prominent figure in the crypto community named Sifu allegedly lost a substantial 1,800 ETH, which is equivalent to approximately $3.3 million, due to this security breach.

Sushi’s primary developer, Jared Grey, has sent out a clarion call for users to withdraw permissions from all contracts affiliated with the protocol, cautioning, “Sushi’s RouteProcessor2 contract contains an approval glitch; it’s imperative to withdraw approval immediately.”

To facilitate this, Grey has compiled and shared a list on GitHub that specifies contracts across various blockchains that need permissions to be revoked. It’s worth highlighting that the affected contract also exists on Polygon, a widely-adopted layer-2 solution for Ethereum.

SushiSwap Recovers a “Large Portion” of Stolen Funds

The SushiSwap team, with assistance from the blockchain security firm HYDN, has successfully reclaimed a considerable chunk of the pilfered funds through white hat security measures.

“A majority of the compromised funds have been safely retrieved via a white hat security procedure. If you’ve been involved in such a white hat recovery, kindly reach out to [email protected] for subsequent actions,” Grey announced at 9:42 a.m. Eastern Time on April 9.

“We’ve successfully recouped over 300 ETH from Coffeebabe, part of the assets stolen from Sifu. We are currently liaising with Lido’s team concerning an additional 700 ETH.”

Later in the day, Sushiswap’s CTO, Matthew Lilley, assured users that the platform is now secure and fully operational. “Any risk associated with RouterProcessor2 has been eradicated from the user interface. Engaging in liquidity provision or any ongoing swap activities is now secure,” he clarified.

This hacking incident occurs amidst a backdrop of heightened regulatory oversight targeting the DEX. Both the Sushi DAO and Grey have received subpoenas from the US Securities and Exchange Commission.

On March 21, the receipt of this legal notice was publicized when the organization put forth a proposal to the Sushi DAO, suggesting the creation of a legal defense fund to address potential forthcoming legal expenses.

During the weekend, Grey released an official response concerning the subpoena, stating, “The SEC’s probe is a confidential, fact-finding endeavor aimed at discerning any potential breaches of federal securities regulations.”

He further clarified, “As of the time of this statement, to the best of our understanding, the SEC hasn’t determined or concluded that anyone associated with Sushi has transgressed the federal securities laws of the United States.”

Related Posts

Leave a Reply

Confirm now and stay with our news

What we write about

I want to save money. Will cryptocurrency work?

Cryptocurrency is essentially virtual money that operates in a decentralized manner, not through a bank but directly on multiple independent computers.

Every cryptocurrency has two main components: the units of digital exchange called “coins” and the network within which the exchange takes place. These units can be transferred between wallets and exchanged on exchanges. The networks in which these coins exist are called blockchains, which translates to “chains of blocks.”

Latest Articles

EUBOF Advises EU On Blockchain And AI Integration
27.05.2024By
Arbitrum Community Supports Proposal to Allocate 200M ARB to Web3 Game Development
27.05.2024By
Normie Team Negotiates 90% Fund Return After $41.7M Market Cap Plunge
27.05.2024By

Latest news

EUBOF Advises EU On Blockchain And AI Integration
27.05.2024
Arbitrum Community Supports Proposal to Allocate 200M ARB to Web3 Game Development
27.05.2024
Normie Team Negotiates 90% Fund Return After $41.7M Market Cap Plunge
27.05.2024
Cristiano Ronaldo Teams Up with Binance for New NFT Collection Despite Ongoing Legal Battle
27.05.2024
Ethereum Layer 2 TVL Sets a New All-Time High at $47 Billion
27.05.2024
Bitcoin White Paper Returns to Bitcoin.org After Craig Wright Fails to Prove He is Nakamoto
27.05.2024
“I Am Very Positive and Open Minded To Cryptocurrency”: Trump
27.05.2024
Nearly 40% of Institutional Investors Had Crypto Exposure in 2023, Survey Reveals
24.05.2024
Forex and Crypto Investment Fraud Busted in Malaysia, Ten Arrested and Millions Seized
24.05.2024
Dormant Dogecoin Whale Becomes Active Again After A Decade
24.05.2024