The platform experienced a security incident late Tuesday that affected wallets with infinite approvals to Socket contracts, developers said.
In Failed Bitfinex Exploit Attempt, Billions in XRP Moved
The failed token transfers spooked some market watchers as they amounted to nearly half of XRP’s $30 billion market capitalization.
OKX Wallet Users Warned to Update App to Avoid Code Vulnerability
Blockchain security firm Certik has warned OKX Wallet users to update their iOS app after a critical Remote Code Execution (RCE) vulnerability was found in a previous version.
Solana-Based Aurory Suffers Devastating Exploit: 80% Of Liquidity Gone
Aurory (AURY), a blockchain-based tactical Japanese role-playing game built on Solana (SOL), recently experienced a significant liquidity loss in its Camelot’s AURY-USDC pool.
The incident occurred due to a hack on the SyncSpace bridge, which resulted in the unauthorized withdrawal and subsequent market sale of approximately 600,000 AURY tokens on the Arbitrum (ARB) network.
Aurory SyncSpace Bridge Hacked
In an official statement released on December 17, Aurory’s team disclosed the details of the incident. The team detected unusual activity on their marketplace and promptly initiated an investigation, which revealed that a malicious actor had exploited the marketplace’s buy endpoint.
This exploit allowed the attacker to inflate their AURY balance in SyncSpace, enabling them to withdraw around 600,000 tokens to the Arbitrum network. The attacker then liquidated the stolen amount by selling it in the market.
To protect user funds, SyncSpace was promptly disabled for maintenance, temporarily suspending deposits and withdrawals. Importantly, the statement assured that no user funds or non-fungible tokens (NFTs) were lost or at risk during the incident.
The AURY tokens originated from a team wallet, facilitating withdrawals for accounts not previously deposited AURY.
Exploit Mitigated
The Aurory statement emphasized that the exploit is no longer ongoing, as SyncSpace remains offline for maintenance. As a result, there is currently no risk of further exploits. Additionally, it was confirmed that the attacker has exhausted their AURY supply and no longer possesses any tokens to sell.
Moreover, SyncSpace will investigate further to determine how the exploit went undetected despite the previous expert audit.
The team also plans to release a comprehensive post-mortem report once the necessary fixes have been implemented and the investigation concludes. They expect SyncSpace to be back online in the coming days.
Since October 30, the price of Aurory’s token, AURY, has experienced a significant upward trend, culminating in a yearly high of $1.9008 on December 12. However, following the recent exploit, the price of AURY has retraced to $1.0868, marking a decline of 23.5% over the past 24 hours and 36.5% over the past seven days.
Despite this setback, AURY still boasts substantial gains of 74% and 70% over the 30-day and one-year periods, respectively.
The market now awaits to see whether the token’s support lines at $0.9681 and $0.9086 will be able to halt the potential continuation of the price drop or if they will succumb to the prevailing downtrend, putting a significant portion of its 2023 gains at risk.
Featured image from Shutterstock, chart from TradingView.com
How the Ledger Connect hacker tricked users into making malicious approvals
According to Cyvers, the attacker caused malicious code to be inserted into multiple app user interfaces, allowing the exploiter to fool users into confirming transactions.
How the Ledger Connect hacker tricked users into making malicious approvals
According to Cyvers, the attacker caused malicious code to be inserted into multiple app user interfaces, allowing the exploiter to fool users into confirming transactions.
BREAKING: Sushi DeFi Security Breach: CTO Sounds Alarm, SUSHI Price Drops 4%
In a significant blow to the decentralized finance (DeFi) sector, the Sushi DeFi protocol has fallen victim to its second exploit this year.
The protocol’s Chief Technology Officer (CTO), Matthew Lilley, has issued a stark warning to users, advising them to refrain from using any decentralized applications (dApps) until further notice.
Sushi And Zapper Frontends Compromised
The latest breach has prompted concerns about the security and integrity of the Sushi DeFi protocol and other associated dApps. According to Lilley, a widely-used web3 connector has been compromised, allowing malicious code injection that affects numerous dApps.
Specifically, dApps that use the LedgerHQ/connect-kit, a dApp that allows users to connect other dApps to their Ledger hardware wallets, are considered vulnerable. Notably, Lilley’s warning underscores the severity of the situation, emphasizing that this is not an isolated attack, but a large-scale assault targeting multiple dApps.
Further investigation by security experts has revealed a potential supply chain attack on the ledger connect kit. The attacker allegedly successfully injected a wallet-draining payload into the popular Node Package Manager (NPM), impacting several prominent dApps, including Hey and others.
Additionally, it has been discovered that the Zapper and Sushi frontends have been hijacked, exacerbating the scope of the breach.
Slowmist, a module of Ledger, further confirmed that their system was hijacked and tampered with during the supply chain attack. This compromised the integrity of the ledgerhq/connect-kit library, which is relied upon by many dApps.
As a result, users are urged to exercise caution when conducting any dApp-related operations and to scrutinize requests for wallet information that may appear unexpected.
Malicious Connect Kit Neutralized?
In an official statement, Ledger has confirmed the identification and removal of a malicious version of the Ledger Connect Kit. The company assures users that their Ledger devices and Ledger Live remain uncompromised.
The company stated that a genuine version of the Connect Kit is currently being pushed to replace the malicious file. Ledger advises users to refrain from interacting with any dApps at the moment for their safety.
The company pledges to provide updates as the situation develops, ensuring users stay informed about the ongoing efforts to address the security breach.
SUSHI’s Uptrend Threatened By Exploit Fallout
In light of recent events affecting the Sushi DeFi protocol, its native token, SUSHI, has experienced a decline of over 4% within the past hour, reaching a low of $1.590.
Before the exploit, SUSHI had been exhibiting a notable uptrend structure on its 1-day chart, marked by higher highs and higher lows. However, with the loss of its crucial support level at $1.961, there is a potential invalidation of the previously established uptrend.
The uncertainty surrounding the protocol’s native token raises the possibility of further downside in SUSHI’s price action. If a sustained downtrend continues, the next significant support level for SUSHI is located at $1.084.
Featured image from Shutterstock, chart from TradingView.com
KyberSwap attacker used ‘infinite money glitch’ to drain funds — DeFi expert
By exploiting a bug, the attacker caused liquidity to be “double-counted,” allowing them to get an unfair price for a swap.
KyberSwap DEX exploited for $46 million, TVL tanks 68%
The DEX aggregator has been exploited across multiple blockchains with millions in wrapped Ether and other assets stolen.
Ethereum Wallet Drainer Steals $60M in Six Months
Hackers that stole more than $60 million worth of crypto in six months are using a piece of code to bypass security alerts after maliciously gaining access to a private key.
Raft Suffers $3.3M Exploit That Drove Down Stablecoin 50%, but Hacker Likely Lost Money on Attack
Raft’s R stablecoin lost its dollar peg, dropping as much as 50% in the immediate aftermath of the exploit.
Unibot Token Hurtles 25% as Telegram Bot Exploited for $630K
Unibot confirmed on X that it had suffered a token approval exploit in its new order router.
LastPass Hack Victims Lose $4.4M in a Single Day
Hackers siphoned a total of $4.4 million in crypto from at least 25 LastPass users on Oct. 25, according to blockchain analyst ZachXBT.
Stars Arena recovers 90% of stolen funds after offering $257K bounty
The exploiter of the Web3 social media platform agreed to keep a 10% bounty in exchange for returning the remainder of the stolen funds.
Stars Arena Exploiter: ‘I Want to Cooperate’
The social app on Avalanche was drained for $3 Million last week.
Friend.tech copycat Stars Arena patches exploit after some funds drained
Stars Arena announced that attackers were draining funds through a loophole, but the contract has been patched to prevent further damage.
Friend.tech users blame SIM swaps after more than 100 ETH drained in a week
In a short period of time, four friend.tech users reported their accounts were compromised and drained after hackers seized control of their mobile numbers.
DeFi Protocol Balancer Says Web Front End Is ‘Under Attack’
On-chain data appears to show the attacker has stolen over $200,000 from users.
Crypto Casino Stake Targeted in Reported $40M Exploit
The cryptocurrency gambling and sports betting website stake has been targeted by a private key exploit, with on-chain analyst Cyvers reporting that $16 million has been withdrawn on the Ethereum network.
WinRAR patches zero-day bug that targeted stock and crypto traders
According to cybersecurity firm Group-IB, weaponized ZIP file archives were being shared on crypto trading forums, with each one containing a nasty surprise.