SushiSwap RouterProcessor2 Contact Hack Results in $3.3 Million Loss
The Decentralized Finance (DeFi) space is in turmoil after a recent hack on the SushiSwap RouterProcessor2 contact led to a loss of $3.3 million. The unauthorized withdrawal was made possible by an approve-related bug, causing widespread concern among cryptocurrency investors and raising questions about the security of smart contracts.
Details of the Attack
According to reports, an attacker exploited an approve-related bug to withdraw funds from 0xSifu’s account without their permission. The vulnerability allowed the unauthorized entity to obtain tokens without the owner’s consent, resulting in a significant financial loss for 0xSifu. The hacker could steal approximately 1800 ETH using the same contract as the first attack, and the function they used was named “notyoink,” unlike the first attacker who named it “yoink.”
Response from DeFi Llama
DeFi Llama, a major decentralized finance platform for tracking the performance of DeFi protocols, issued a statement regarding the hack on the SushiSwap platform. Their report stated that only those users who had logged into the SushiSwap forum within four days before the hack were affected by the breach.
DeFi Llama strongly urged affected users to take immediate action to secure their funds.
The first step recommended by DeFi Llama was to revert any approvals granted to the hackers by accessing the relevant wallet and rescinding any permissions granted. The next crucial step was to move funds to a new wallet without delay, ensuring that any remaining funds were not susceptible to further attacks.
Calls for Increased Transparency and Accountability
As the investigation into the hack continues, many members of the cryptocurrency community have called for increased transparency and accountability from DeFi projects. The SushiSwap team has not yet announced any steps they will take to prevent similar incidents from occurring in the future.