News

Socket protocol loses $3.3 million in exploit, details here

Socket protocol suffered a $3.3 million exploit through a vulnerability in one of its exchanges.

Published

on

  • Socket protocol lost $3.3 million due to a vulnerability on one of its exchanges.
  • The team at Socket Protocol made swift moves to contain the damages.

Socket protocol, a cross-chain infrastructure protocol supporting various Web3 apps, suffered a significant security breach recently resulting in substantial financial losses.

The attack specifically targeted the Bungee Exchange within the Socket Protocol, resulting in the loss of $3.3 million.

Another day, another hack

The hack, as reported by the Socket Protocol team, occurred on the 16th of January. To mitigate the risk, Socket has disabled the compromised smart contract.

 

Looking at the finer details

PeckShield, a blockchain security firm, shed light on the technical aspects of the breach. The hacker exploited the incomplete validation of user input. This meant that the hacker found a weakness in the system that checks information from users.

The attack focused on a specific part of the system called SocketGateway. The weakness helped the hacker to take money from users who had given permission to that part of the system. This happened without the users knowing or agreeing to it.

At press time, Socket tweeted out that all the damage had been contained and the protocol was operational yet again.

However, Socket advised users to be wary of potential scams, as phishing accounts are flooding the replies under Socket Protocol’s tweets. They urged users to revoke approvals through other malicious apps, to avoid additional threats.

Turning it into ETH

In terms of impact, approximately 230 users were affected by the malicious transactions on the Socket Gateway contract. The total loss amounted to $3.3 million, primarily involving assets such as USDC, USDT, WBTC, DAI, and WETH.

The exploiter executed token swaps, converting USDC and USDT tokens into ETH.


Is your portfolio green? Check out the ETH Profit Calculator


Even though it isn’t apparent whether the hackers plan to hold or sell their ETH, the massive accumulation of ETH done by the hackers may help ETH’s price momentum in the short term.

At press time, ETH was trading at $2,568.03 and its price rose by 1.53% in the last 24 hours.

Source: Santiment