Socket protocol loses $3.3M in confirmed approval exploit
Cross-chain protocol Socket has been exploited, and $3.3 million has been drained from contracts associated with it, according to a Jan. 16 social media post from the team. Socket has paused all contracts to prevent further losses.
Urgent
— Socket (@SocketDotTech) January 16, 2024
Socket has experienced a security incident which affected wallets with infinite approvals to Socket contracts.
We have identified the issue have paused the affected contracts.
We’re working on the situation will keep you informed with regular updates next steps.
“Urgent. Socket has experienced a security incident which affected wallets with infinite approvals to Socket contracts,” the post stated. “We have identified the issue have paused the affected contracts.”
Socket is a cross-chain infrastructure protocol used by many Web3 apps, including Synthetix, Lyra, Kwenta, Superform, Plasma Finance and Level Finance.
Blockchain analyst Spreekaway reported the incident from their X account. According to them, the attacker used a token approval from an Ethereum address ending in 97a5 to carry out the exploit. Spreekaway recommended that users revoke all approvals from this address, which they claim shows up as “Socket: Gateway” on Etherscan. Socket claimed that it paused contracts and that “users don’t need to do ANYTHING.”
Related: Gamma attempts to negotiate with hacker after $3.4M exploit
Phishing scammers appear to be taking advantage of the chaos to get new victims. In a reply to Socket’s official post, a fake Socket account posted a link to a malicious app and urged users to revoke their approvals using another malicious app that was also provided. The fake account contained the misspelled X handle @SocketDctTech instead of the correctly spelled @SocketDocTech. The fake account was removed from X within minutes of the post.
Dune Analytics user Beetle has set up a dashboard to track all losses from the attack.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
This Controversial Meme Coin Jumps by 35% Following an ‘Urgent’ Announcement From Andrew Tate
Andrew Tate urged the token’s holders to increase their exposure in the following hours: here’s why.
CryptoQuant says 'extremely underpaid' bitcoin miners' capitulation is a possible bottom signal
Quick Take Bitcoin miners are showing signs of capitulation, likely turning off underperforming hardware and selling coins following April’s halving event, according to CryptoQuant data. Daily miner outflows have spiked while the network’s hashrate continues to decline and average revenue by hash hovers around its all-time low level. The supply of bitcoin active in the past 90 days has been steadily decreasing as the three-month anniversary of the halving approaches, according to The Block’s data.
