Skip to content
Active Currencies: 17,411
Market Cap: $2.208T
Bitcoin Dominance: 56.09%
24h Market Cap Change: $-0.99

Exec issues FBI warning as SushiSwap’s MISO suffers $3M exploit
Written by Written by Namrata Shukla
Reviewed by Reviewed by Namrata Shukla
Updated September 17, 2021

Decentralized finance [DeFi] project SushiSwap suffered an exploit on its token platform – MISO. The attack resulted in the hacker stealing 864.8 ETH, currently worth $3 million.

The incident was first brought to light by Chief Technology Officer Joseph Delong who tweeted,

https://twitter.com/josephdelong/status/1438712356352274433?s=20

As an important project in the DeFi ecosystem, this supply chain attack could have far-reaching consequences. MISO is a suite of open-source smart contracts created to ease the process of launching a new project on the SushiSwap exchange.

According to the CTO, the attacker, going by the GitHub handle AristoK3, changed the contract address to one of his own and injected the platform’s front end with malicious code.

https://twitter.com/josephdelong/status/1438712357807611908?s=20

The exec went on to say that only one contract address for an NFT auction was exploited, an automobile-themed Jay Pegs Auto Mart. However, at press time, it had already been patched.

This isn’t the first time MISO has been attacked, however. In fact, a white hat hacker once saved SushiSwap $350 million by finding “obvious” exploits.

A security researcher from the venture capital firm Paradigm, known on Twitter as Samczsun, saved SushiSwap and MISO after he identified a flaw in the MISO Dutch auction contract. In the same, some of the functions lacked access controls. Now, while this was highlighted nearly a month ago, looks like the hackers have finally found a way.

Meanwhile, speculations are rife about who might be behind the said hack. The project believes Twitter user @eratos1122, who has previously worked with Yearn.Finance, could be behind it.

The CTO, however, is facing a tough time getting exchanges like Binance and FTX to cooperate. He noted,

“We have asked @FTX_Official and  @Binance to turn over the attackers KYC information, but they have resisted on this time sensitive matter.”

What’s more, the exec also issued a warning. If the stolen funds are not returned by 8 am Eastern Time on Friday, the project will file a complaint with the FBI.

Disclaimer: AMBCrypto's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.

Namrata Shukla

Namrata is a full-time journalist at AMBCrypto covering the US and Indian market. A graduate in Mass communication, while majoring in Journalism, she writes mainly about regulations and its impact with a focus on technological advancements in the crypto space.

Related Articles

AMBCrypto
Facebook X Instagram Youtube Linkedin

AMBCrypto was founded in 2018 with a mission to simplify and bring the latest blockchain and cryptocurrency news to our readers. We have quickly grown into the digital news source for an emerging generation of cryptocurrency enthusiasts, reaching more than a million readers on a monthly basis, across the globe.