A recent attack on the SushiSwap exchange has caused over $3.3 million in damages to one user with the Twitter handle @0xSifu. PeckShield, a blockchain security firm, has reported that the decentralized exchange was attacked due to a vulnerability in the RouterProcessor2 contract. Both PeckShield and Jard Grey, the Head Chef of SushiSwap, have advised users to revoke on all chains.
It seems the @SushiSwap RouterProcessor2 contact has an approve-related bug, which leads to the loss of >$3.3M loss (about 1800 eth) from @0xSifu.
If you have approved https://t.co/E1YvC6VZsP, please *REVOKE* ASAP!
One example hack tx: https://t.co/ldg0ww3hAN pic.twitter.com/OauLbIgE0Q
— PeckShield Inc. (@peckshield) April 9, 2023
According to Ancilia, a network security firm supported by Binance Labs, the attack originated from the “internal swap” function. This function calls the swapUniV3 command to set the lastCalledPool variable, and the swap3callback feature was skipped, which led to the attack.
The first attacker used the “yoink” function, which was enabled by a flaw in the SushiSwap contract’s authorization mechanism. This flaw allowed unauthorized individuals to easily yoink tokens without user permission. The first hack resulted in 100 ETH in damages by a white-hat hacker, while another hacker stole 1,800 ETH, or roughly $3.2 million, using a similar method, according to Brad Kay from The Block Research.
@0xngmi has advised users who have interacted with SushiSwap in the past four days to revoke all contracts listed below. According to Kevin Peng from The Block Research, over 190 Ethereum addresses have interacted with the contract, and over 2,000 addresses have approved it on the Ethereum network.
only users impacted by sushiswap hack should be those that swapped on sushiswap in the last 4 days, if you did so revert approvals asap or move your funds in affected wallet to a new wallet
— 0xngmi (llamazip arc) (@0xngmi) April 9, 2023
This attack highlights the importance of conducting regular security audits and having proper authorization mechanisms in place to prevent unauthorized access. Decentralized exchanges like SushiSwap are vulnerable to attacks due to their decentralized nature, which can make it more difficult to detect and prevent malicious activity. Therefore, it is crucial for users to take necessary precautions and follow security best practices when using such platforms.
Read more:
- Fired Officer Shares Some Nasty Details Of Inner Workings Of Top-Notch DEX SushiSwap (SUSHI)
- Arca Strongly Objected To The Phantom Trope Proposal Of SushiSwap, Arca CIO Calling It “The Value-Destroying”
- Sushi Head Chef Jared Grey Issues Official Statement On SEC Investigation