$350 Million SushiSwap Hack Just Prevented by Anonymous Dev: Details

Wed, 18/08/2021 - 10:06

A security expert at the high-profile VC firm Paradigm, who goes by @samczsun on Twitter, has shared how he spotted and reported one of the most critical bugs in the history of the Ethereum DeFi segment.

“Two rights might make a wrong”

According to an exciting story shared by @samczsun on Paradigm's official website, he noticed a Telegram discussion between Ethereum (ETH) developers about MISO, a novel SushiSwap-centric token sale instrument.

The white-hat hacker started checking the architecture of the project and noticed two functions with no access control and one function that had not been properly initialized.

But then he found far more serious bugs: due to flaws in the MISO Dutch Auction design, a hypothetical attacker would have been able to drain all the liquidity from the $350 million contract.

The expert noted that the vulnerability was similar to the flaw identified in the Opyn DeFi contracts. In early August 2020, Opyn was drained of almost 370,000 USD Coin (USDC).

All is well that ends well

To double-check his findings, Mr. Samczsun contacted his colleagues Georgios Konstantopoulos, Dan Robinson and SushiSwap (SUSHI) CTO Joseph Delong.

The developers decided to reach out to the team behind the auction (BitDAO) and propose that they finalize the auction manually by purchasing back all tokens available.

As a result, all funds were saved in five hours. Mr. Samczsun concluded that using 'safe' components does not necessarily guarantee the safety of the whole system.

As previously covered by U.Today, the Poly Network white-hat hacker is returning funds to the victims. The Poly Network team also offered the hacker the role of Chief Security Advisor along with a $0.5 million bounty.
