Interoperability Protocol Socket Pauses Contracts After $6 Million Theft
Socket, an interoperability protocol, has temporarily halted affected contracts following reports of a breach in its Bungee bridging aggregator. The exploit resulted in the theft of approximately $6 million. The project’s team confirmed the security incident and stated that they have identified the issue and paused the affected contracts. The breach was initially noticed by an anonymous researcher known as Spreek on X, who observed millions being stolen and advised users to revoke approvals for Socket immediately. The attack appears to have ceased, and Spreek reassured users that no further attacks are likely.
Over $6 Million Stolen in Stablecoins and Cryptocurrencies
In just over an hour, the compromised wallet received over $6 million in various stablecoins and cryptocurrencies, including the stablecoins USDT, USDC and DAI as well as wrapped BTC, wrapped ether and MATIC. The funds were subsequently transferred to decentralized exchanges such as Uniswap and 1inch. PeckShield, a cybersecurity firm, attributed the exploit to incomplete validation of user input in the vulnerable SocketGateway contract. They confirmed that at least $3.3 million had been affected by the hack.
Addressing the Vulnerabilities
The Block’s research director Steven Zheng highlighted the importance of revoking unnecessary approvals to prevent such attacks. Users should only approve transactions for the exact amount needed rather than granting access to larger sums. Socket is actively working on resolving the situation and will provide regular updates.
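The approval hygiene described above can be checked from on-chain logs. The following is an added example, not code from Socket, PeckShield or The Block: it reads ERC-20 `Approval` events and lists allowances still open toward one spender, marking unlimited ones. Every address and log entry is a constructed placeholder, and the helper names are hypothetical.

```python
# Added example: all addresses and log entries are constructed placeholders.
# keccak256("Approval(address,address,uint256)"), the ERC-20 Approval event signature
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED_FLOOR = 1 << 255  # amounts this large are treated as "unlimited"

def pad(addr):
    """Left-pad a 20-byte address to a 32-byte topic."""
    return "0x" + "0" * 24 + addr[2:]

def topic_to_address(topic):
    """Recover the address from an indexed topic (last 20 bytes)."""
    return "0x" + topic[-40:].lower()

def make_log(token, owner, spender, value, block, index):
    """Build a log entry shaped like an eth_getLogs result."""
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(value, "064x"),
            "blockNumber": hex(block), "logIndex": hex(index)}

def audit_approvals(logs, spender):
    """Latest nonzero Approval per (token, owner) toward `spender`."""
    def order(log):
        return (int(log["blockNumber"], 16), int(log["logIndex"], 16))
    latest = {}
    for log in sorted(logs, key=order):
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # not an ERC-20 Approval (ERC-721 uses four topics)
        if topic_to_address(topics[2]) != spender.lower():
            continue
        latest[(log["address"].lower(), topic_to_address(topics[1]))] = int(log["data"], 16)
    return [{"token": t, "owner": o, "last_approved": v, "unlimited": v >= UNLIMITED_FLOOR}
            for (t, o), v in sorted(latest.items()) if v != 0]  # 0 means revoked

TOKEN_A, TOKEN_B = "0x" + "11" * 20, "0x" + "22" * 20
OWNER_1, OWNER_2 = "0x" + "a1" * 20, "0x" + "b2" * 20
GATEWAY, OTHER = "0x" + "cc" * 20, "0x" + "dd" * 20  # placeholder spenders
MAX = 2**256 - 1
SAMPLE_LOGS = [  # constructed, deliberately out of chain order
    make_log(TOKEN_A, OWNER_2, GATEWAY, 0, 105, 0),            # revocation
    make_log(TOKEN_A, OWNER_1, GATEWAY, MAX, 100, 0),          # unlimited, still open
    make_log(TOKEN_A, OWNER_2, GATEWAY, MAX, 101, 3),          # unlimited, later revoked
    make_log(TOKEN_B, OWNER_1, GATEWAY, 500_000_000, 102, 1),  # exact amount
    make_log(TOKEN_A, OWNER_1, OTHER, MAX, 106, 0),            # different spender
]

if __name__ == "__main__":
    for finding in audit_approvals(SAMPLE_LOGS, GATEWAY):
        print(finding)
```

The reported amount is the last approved value, an upper bound on what the spender can still move; the token's `allowance(owner, spender)` call gives the current figure.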
Hot Take: Socket Takes Swift Action to Address Security Incident
Socket’s prompt response to the security incident demonstrates its commitment to protecting user funds and addressing vulnerabilities. By pausing affected contracts and actively working on a solution, Socket aims to prevent further breaches and reassure its users. This incident serves as a reminder for crypto users to exercise caution and carefully manage their wallet approvals to mitigate the risk of similar attacks in the future.