Decentralized exchange (DEX) SushiSwap (SUSHI) was reportedly hacked for 1,800 Ethereum (ETH) worth about $3.3 million at the time of the exploit.
One of SushiSwap’s endorsement contracts used for trade routing was first spotted by blockchain security firm PeckShield and contained an unknown bug that could allow a malicious attacker to steal crypto from wallets connected to it.
says PeckShield,
“It appears that the SushiSwap RouterProcessor2 contract has an approval-related bug, leading to the loss of > $3.3 million (approximately 1,800 ETH) from @0xSifu
If you approved https://etherscan.io/address/0x044b75f554b886a065b9567891e45c79542d7357#code, *RECALL* ASAP!”
SushiSwap’s “head chef” or CEO Jared Gray recognized PeckShield’s post urging anyone who interacted with the contract to withdraw their wallet’s approval. He recommended using Revoke.Cash, a decentralized application (DApp) that allows users to quickly see all the approvals they have given for a wallet and revoke the permissions if they wish.
According to Gray, some of the stolen ETH is already gone restoredand more can be found shortly afterwards.
“We have secured a large portion of the affected funds in a white hat security process. If you performed a whitehat recovery, please contact security@sushi.com for next steps.
We have confirmed that we have recovered more than 300 ETH from CoffeeBabe of Sifu’s stolen money. We are in touch with Lido’s team about an additional 700 ETH.”
According to Matthew Hilley, CTO of SushiSwap, there is currently no risk involved using the Sushi protocol.
“There is currently no risk using Sushi Protocol and the UI (user interface). All exposure to RouterProcessor2 has been removed from the front end and all LPing/current swap activities are safe to do.
News of the exploit triggered a brief correction for SUSHI as the crypto asset fell from $1.13 to a low of $1.07 yesterday. SUSHI has since recovered and is trading at $1.11 at the time of writing.
Don’t Miss Out – Subscribe to receive crypto email alerts delivered straight to your inbox
Check price action
follow us on TwitterFacebook and Telegram
Surf the Daily Hodl mix
Featured image: Shutterstock/d1sk/Andy Chipus
