Scam Alert

Dexible Exploited By Hackers Causing Damage $2 Million

Key Points:

  • An exploit has affected the multichain exchange aggregator Dexible, and as a result, $2 million worth of crypto has been lost.
  • A few whales accounted for around 85% of the losses, the study continued.
  • Blockchain data reveals that BlockTower Capital, an investing company for digital assets, was one of the victims.
Early on Friday, the decentralized exchange aggregator Dexible was the victim of a $2 million hack, according to an announcement the protocol updated on its Discord channel.

The Dexible front end displays a popup warning about the vulnerability anytime users visit it as of 6:35 pm UTC on February 17.

According to a tweet from Dexible, the hacker was able to drain assets from cryptocurrency wallets containing funds that had been authorized for use by taking advantage of a flaw in the smart contract code.

The team announced that it had found a possible hack on Dexible v2 contracts at 6:17 am UTC and was looking into the matter. It sent a second statement saying it now knew $2,047,635 about nine hours later. A few whales accounted for around 85% of the losses, the study continued.

According to a report by Dexible, the attack affected 13 Arbitrum wallets and 5 Ethereum wallets. These wallets have been fully mined.

Around 4:00 pm UTC, a post-mortem report was published as a PDF file and made available on Discord. The team also stated that it was currently working on a remedial plan.

The team claims in the paper that it became aware of a problem after one of its founders had $50,000 worth of cryptocurrency removed for unclear reasons from his wallet. The team’s investigation revealed that an attacker had transferred over $2 million worth of cryptocurrency from users who had previously given the app permission to transfer their tokens using the selfSwap feature of the app.

The selfSwap function allowed users to swap one token for another by providing the address of a router and the calldata connected to it. however, the code didn’t contain a list of routers that had already been certified.

In order to transfer user tokens from their wallets into the attacker’s own smart contract, the attacker utilizes this method to route a transaction from Dexible to each token contract. The token contracts did not stop the counterfeit transactions since they were coming from Dexible, which users had previously given permission to use their tokens for.

Michael Coon, chief executive of Dexible, said:

“We have paused these contracts, while we get a full picture of the situation.”

According to blockchain data, BlockTower Capital, an investing company for digital assets, was one of the victims.

A wallet described as belonging to BlockTower by blockchain intelligence company Arkham Intelligence was emptied of almost $1.5 million in TRU tokens by the wallet address linked to the Dexible exploiter on the blockchain monitoring platform Etherscan. BlockTower Capital’s address has also been assigned by blockchain intelligence company Nansen.

Arkham’s blockchain transactions demonstrate that the exploiter sent the stolen TRU tokens to SushiSwap in order to exchange them for Ethereum (ETH). They then transfer ETH to TornadoCash, a cryptocurrency mixing service.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.

Recent Posts

Gate.io Shatters Records in Total Trading Volume in Q3 2024, with Its User Base Surpassing 17 Million

In the third quarter of 2024, despite a challenging market environment, Gate.io maintained strong growth…

17 mins ago

MEXC Champions the Future of Crypto Content Creation at CCCC

MEXC is proud to partner with the inaugural Crypto Content Creator Campus CCCC event, taking…

17 mins ago

Dtec Announces Global Partnership with DİZAYNVIP to Elevate AI-Driven Mobility Design  

Dtec and DİZAYNVIP partner to merge AI technology with luxury vehicle design, revolutionizing smart mobility…

1 hour ago

Bitcoin Spot ETF Outflows Reach Second Highest in History

Bitcoin Spot ETF Outflows hit $541M on November 4, the second-highest single-day outflow in history.…

5 hours ago

PropiChain’s Token Presale Turns Heads as the First DeFi Platform to Merge NFTs with AI 

The hype around PropiChain’s token presale is due to its innovative integration of NFTs and…

8 hours ago

UK Pension Fund Cartwright Encourages 3% Allocation to Bitcoin Investment

UK pension fund Cartwright advised the country's first defined benefit pension fund to allocate 3%…

10 hours ago

This website uses cookies.