An anonymous cryptocurrency user, known for white hat hacking activities, found themselves in a race against time and malicious bots after identifying a vulnerability in SushiSwap's RouterProcessor2 contract.
The hacker managed to secure 100 ether (ETH) from the affected funds before a malicious bot replicated the attack, resulting in the loss of more than $3.3 million (about 1,800 ETH). The hacker, whose identity remains unknown, tweeted today that they had successfully "white-hacked" 0xSifu for 100 ETH and were willing to return the money if contacted. Sifu later thanked them in a tweet for the refund.
However, their attempt to protect the platform was thwarted by the swift actions of a Miner Extractable Value (MEV) bot, which deployed contracts and repeated the attack before the vulnerability was fully addressed.
Miner Extractable Value (MEV) bots are automated programs designed to exploit opportunities for profit within blockchain networks, specifically within the Ethereum ecosystem. These bots take advantage of the inherent design of decentralized networks, where miners are responsible for verifying and ordering transactions within blocks. MEV bots seek to exploit the power miners have to choose which transactions to include in a block and the order in which they are placed.
The primary focus of MEV bots is to identify and act upon profitable opportunities, such as front-running, back-running, arbitrage, and sandwich attacks. These strategies allow MEV bots to take advantage of knowledge of pending transactions by manipulating their position within the block. When asked why TrustTrust didn't just warn Sifu instead, he wrote:
“I wasn’t aware of how ridiculously advanced the MEV bots were (3 TXs rebuilt), I thought every second counted, and I wanted to hack another batch of titles.”
The question appears to have alluded to the cybersecurity principle of responsible disclosure. Responsible disclosure is a principle within the cybersecurity community that emphasizes the ethical reporting of discovered vulnerabilities in software or systems to the relevant developers or vendors before the information is released. The primary goal of responsible disclosure is to provide an opportunity for the affected party to remediate the vulnerability, thereby reducing the risk of exploitation by malicious actors.
In the context of cryptocurrency and blockchain technology, preemptive hacking to secure funds in a vulnerable position may not be an appropriate option due to the public nature of crypto transactions. In decentralized networks, transaction data is transparent and accessible to all participants.
This openness allows bad parties to monitor and imitate such transactions. Thus, preventive hacking is only reasonable when all vulnerable funds can be secured fast enough, preventing bad actors from repeating the attack in a timely manner.
Crypto cybersecurity company PeckShield weighed in on the situation, revealing that the RouterProcessor2 contract on SushiSwap had an approval-related bug that resulted in a significant loss for 0xSifu. The company urged users who had approved the contract to revoke their approval as soon as possible, and provided a link to the contract address on Etherscan.
Jared Grey, lead developer of SushiSwap, confirmed via tweet that there was an approval bug in the RouterProcessor2 contract. He urged users to revoke their approvals immediately and assured them that the platform's security teams were working to mitigate the issue. Grey also reported that a large portion of the affected funds were secured through a white hat security operation.
In a follow-up tweet, Grey announced the recovery of more than 300 ETH from CoffeeBabe, a user who managed to recover some of the stolen funds. SushiSwap is also in contact with the Lido team to secure an additional 700 ETH.
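The revocation advice above can be checked against on-chain data. This added example (not from the article or from SushiSwap) replays ERC-20 `Approval` event logs in chain order to list owners whose allowance to a given spender is still non-zero; the `ROUTER` address, the token and owner addresses, and every log entry are constructed placeholders.

```python
# Added example (not from the article). ROUTER and all log entries are constructed.
# keccak256("Approval(address,address,uint256)"), the ERC-20 Approval event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
ROUTER = "0x" + "aa" * 20   # placeholder for the affected spender contract
TOKEN = "0x" + "11" * 20    # constructed token address
ALICE, BOB = "0x" + "a1" * 20, "0x" + "b0" * 20  # constructed owners
MAX_UINT = "0x" + "f" * 64  # "unlimited" approval
ZERO = "0x" + "0" * 64      # approve(spender, 0), i.e. a revocation

def addr_topic(addr):
    """Encode an address as a 32-byte indexed topic (left-padded with zeros)."""
    return "0x" + "00" * 12 + addr[2:]

def topic_addr(topic):
    """Decode a 32-byte topic back to a lowercase 20-byte address."""
    return "0x" + topic[-40:].lower()

def mk_log(block, idx, owner, spender, data, extra_topics=()):
    """Build a constructed log entry shaped like an eth_getLogs result."""
    topics = [APPROVAL_TOPIC, addr_topic(owner), addr_topic(spender), *extra_topics]
    return {"address": TOKEN, "blockNumber": block, "logIndex": idx,
            "topics": topics, "data": data}

SAMPLE_LOGS = [  # deliberately out of order
    mk_log(105, 0, BOB, ROUTER, ZERO),                   # Bob revokes later
    mk_log(100, 2, ALICE, ROUTER, MAX_UINT),             # Alice is still exposed
    mk_log(101, 1, BOB, ROUTER, MAX_UINT),               # Bob's original grant
    mk_log(102, 0, ALICE, "0x" + "cc" * 20, MAX_UINT),   # different spender
    mk_log(103, 0, ALICE, ROUTER, "0x", (ZERO,)),        # ERC-721 shape: 4 topics
]

def outstanding_approvals(logs, spender):
    """Return {(token, owner): allowance} for non-zero allowances to spender."""
    latest = {}
    # Replay in chain order so a later approve(spender, 0) cancels an earlier grant.
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        # ERC-20 Approval has exactly 3 topics; ERC-721 reuses the signature with 4.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_addr(topics[2]) != spender.lower():
            continue
        latest[(log["address"].lower(), topic_addr(topics[1]))] = int(log["data"], 16)
    return {key: amount for key, amount in latest.items() if amount > 0}

if __name__ == "__main__":
    for (token, owner), amount in outstanding_approvals(SAMPLE_LOGS, ROUTER).items():
        print(f"revoke: owner={owner} token={token} allowance={amount:#x}")
```

Event logs only record `approve` calls, so reading the token's `allowance(owner, spender)` remains the authoritative check before and after revoking.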
This incident highlights the ever-evolving landscape of cryptocurrency security, where white hat hackers protect platforms and assets, but malicious actors remain an ever-present threat. It also stresses the need for heightened security measures and collaboration between platforms and white hat hackers to address vulnerabilities and minimize losses.