MetaSleuth Reports SushiSwap RouteProcessor2 Contract Attack Results in 1800 ETH Losses

04/09/2023 08:06 • Web3 News • 100 views

On April 9th, MetaSleuth tweeted that the SushiSwap RouteProcessor2 contract attack incident resulted in 0xsifu (sifuvision. eth) losing 1800 ETHs. The first attacker (0x9deff) has

On April 9th, MetaSleuth tweeted that the SushiSwap RouteProcessor2 contract attack incident resulted in 0xsifu (sifuvision. eth) losing 1800 ETHs. The first attacker (0x9deff) has returned 90 ETHs (stolen 100 ETHs). BlockSec helped save 100 ETHs and will be returned soon. In addition, negotiations are ongoing between sifuvision. eth and c0ffeebabe. eth. Most of the stolen funds went to beaverbuild, rsync builder, and Lido: Execution Layer Rewards Vault.

Progress of SushiSwap contract attack: The first attacker has returned 90 ETHs

Introduction

On April 9th, MetaSleuth, a blockchain security firm, tweeted that the SushiSwap RouteProcessor2 contract attack incident resulted in 0xsifu (sifuvision. eth) losing 1800 ETHs. The attack targeted the contract code for SushiSwap’s route processing, allowing the attacker to manipulate the pricing of exchange tokens and steal funds from unsuspecting traders. The attack highlights some of the vulnerabilities of decentralized exchanges and underscores the importance of maintaining strong security measures.

The Attack and Its Aftermath

The attack began when a contract that held the corresponding tokens was manipulated, resulting in a significant price drop. This allowed an attacker with sufficient liquidity to swap assets on favorable terms, causing significant losses to the token contract holder.
According to MetaSleuth’s tweet, the first attacker (0x9deff) has returned 90 ETHs (having stolen 100 ETHs), indicating a degree of remorse or concern over potential legal repercussions. Further, BlockSec helped save 100 ETHs which will be returned soon, thanks to the intervention of external security measures.
Currently, negotiations are ongoing between sifuvision. eth and c0ffeebabe. eth to recover the remaining stolen funds.
Interestingly, most of the stolen funds have gone to beaverbuild, rsync builder, and Lido: Execution Layer Rewards Vault, demonstrating how interconnected decentralized finance can be.

The Vulnerability of Decentralized Finance

As decentralized finance continues to grow in popularity, so too does the risk of security breaches. Decentralized exchanges rely on smart contracts to automate trades and remove intermediaries, passing funds from wallet to wallet. This reliance on code, rather than traditional legal contracts, means there is no safety net in case of a breach of security. In a centralised exchange, safeguards are implemented to detect and redress such incidents. Still, in a decentralised market, the absence of this safety net means funds and currencies can be stolen with ease and fewer repercussions.

Conclusion

The SushiSwap RouteProcessor2 contract attack underscores the risks involved in decentralized finance. Although the breach resulted in losses, the attack could serve as a basis for important lessons in securing smart contract code effectively. As an industry, we must progress towards implementing better security measures to ensure that critical assets and investments are protected.

Unique FAQs

1. What is a contract attack on cryptocurrency?

A contract attack involves exploiting vulnerabilities in smart contract code for financial gain. In a contract attack, an attacker can manipulate the pricing of exchange tokens, causing significant losses for the token’s contract holders. Such incidents occur frequently in decentralized exchanges with less security.

2. Why is securing smart contract code critical for the success of decentralized finance?

Decentralized finance relies heavily on smart contract code, which enables trustless automation and security. DeFi is a flourishing ecosystem but is susceptible to contract attacks. It is pivotal that vulnerabilities within contract code are identified, evaluated and remedied to establish trust in the markets and prevent future attacks.

3. Will incidents like the SushiSwap RouteProcessor2 contract attack deter decentralized finance’s growth in the long run?

As with any market, there are bound to be incidents requiring re-assessment of risks, loss/tolerance ratios and remediation. Single incidents, in the grand scheme of things, should not obstruct the continued growth of decentralized finance because as new opportunities arise, they come equipped with improved security measures that disrupt and address relevant vulnerabilities.

This article and pictures are from the Internet and do not represent Fpips's position. If you infringe, please contact us to delete:https://www.fpips.com/14178/

It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.

Like (0)

ETH 2.0 Pledges Exceed 18 Million: A Complete Overview

Previous 04/09/2023 08:01

The SushiSwap Contract Vulnerability: An Overview

Next 04/09/2023 08:12

Web3 News

Paxos Treasury burns $95.8 million in BUSD tokens – A reflection of stablecoin management

According to the report, Whale Alert data showed that Paxos Treasury destroyed 95826598 BUSD.

Paxos Treasury destroyed 95826598 BUSD

Interpretatio…

03/06/2023
115
Web3 News

US3R Network Launches Off-Chain Data Infrastructure for Web3

On April 11, it was reported that US3R Network recently announced the launch of its off chain data infrastructure for Web3. The fields of Web3 and dApps are rapidly growing, but cu

04/11/2023
102
Web3 News

Magic Eden Suspends Development of iOS and Android Applications

On March 2, according to the official announcement of Magic Eden, the NFT market will suspend the development of iOS and Android applications in the next few m…

03/02/2023
114
Web3 News

Coin On Releases Binance DeFi Wallet Supporting Mnemonics and Wallet Recovery

On March 31, it was announced that Coin On released a Binance DeFi wallet, which supports functions such as mnemonics and wallet recovery. Currently, BNB Chain and Ethereum are sup

03/31/2023
118
Web3 News

The Mystery of SyncSwap’s Airdrop Allocation

On April 10th, it was reported that the SyncSwap Chinese account and its operators released information related to project airdrops, which mentioned that token allocation of airdro

04/10/2023
100
Web3 News

Eradicating Fraud and Manipulation in Cryptocurrencies: Insights from CFTC Chairman Rostin Behnam

According to reports, CFTC Chairman Rostin Behnam stated that there is a need to eradicate fraud and manipulation in cryptocurrencies.
CFTC Chairman: The need to eradicate fraud an

03/31/2023
102
Web3 News

Mark Cuban’s Views on the Silicon Valley Bank Incident

According to reports, Mark Cuban, the boss of the NBA Dallas Lonely Rangers and the crypto investor, sent a paper on social media to analyze the Silicon Valley Bank incident. He said that the US FDIC’s insurance deposit compensation of US $250000 was too low, and the regulatory agency had never supervised and warned that the bankruptcy of the Silicon Valley Bank would cause many companies to be unable to pay wages. Mark Cuban suggested that the Federal Reserve should immediately purchase all the securities/liabilities owned by banks at a price close to the face value, and these assets should be sufficient to pay most of the deposits. If the Federal Reserve does not do so, people’s trust in the banking system will become a problem. Many banks have more than 50% of the uninsured deposits. This is not a bailout. The Federal Reserve is actually providing cash to end the run. In return, it will obtain long-term assets that…

03/12/2023
107
Web3 News

Crypto Exchange Crypto.com Transfer $17.5 Million to Ethereum Black Hole Address

It is reported that according to Whale Alert monitoring, Crypto.com, a crypto exchange, transferred 200 million CROs (about US $17.5 million) to the address of…

02/21/2023
139
Web3 News

Ethereum Mainnet Beacon Chain: An Overview of Recent Developments

According to reports, according to the official website mainnet.beaconcha.cn of Ethereum, the total number of Ethereum pledges has exceeded 18 million ETHs, with a total of 1800292

04/06/2023
106
Web3 News

What is Currency (What is an Integer)

What is currency, what is currency, what is currency? The issuance of cryptocur

08/14/2023
91
Web3 News

EigenLayer Ethereum Re-Pledge Agreement Developer Gains $56 Million in Financing

On March 8, according to the announcement on the official website of the US SEC, the developer of EigenLayer, the Ethereum re-pledge agreement, is about to com…

03/08/2023
119
Web3 News

Binance to Become Polymesh Network’s Node Operator and Allow Pledging POLYX Tokens

On April 20th, it was announced that Binance will become the node operator of the Polymesh network and allow users to pledge POLYX tokens through its platform before the end of thi

04/20/2023
84
Web3 News

Real Estate Tycoon Promises Digital Currency as Economic Stimulus for Thailand Citizens

According to reports, real estate tycoon and Thai Prime Minister contender Srettha Thavisin has promised to distribute 10000 Thai baht (approximately $300) of digital currency to c

04/07/2023
100
Web3 News

According to CertiK Monitoring, BSC Marks EOA Address of Phishing1288 with 50 BNB Transfer as Fake

According to reports, according to CertiK monitoring, it was marked as Fake by BSC_ The EOA address 0xd186D6 of Phishing1288 has transferred 50 BNBs (approximately $16000) to Torna

04/15/2023
110
Web3 News

The number of primary network addresses of zkSync Era has exceeded 160000, and the number of cross chain ETHs has exceeded 34000

According to reports, according to Dune data, as of March 30, the number of single addresses on the zkSync Era chain had reached 160351, and 34188 ETHs had entered the zkSync Era n

03/30/2023
129
Web3 News

Financial YouTubers Facing a $1 Billion Lawsuit for Promoting FTX without Disclosure

On March 21, it was reported that several financial YouTube members promoting FTX have now been filed a $1 billion class action lawsuit against individuals from the United States,

03/21/2023
118