ChainSwap vulnerability allowed hackers to steal more than $4 million from DeFi-projects
A critical vulnerability in the smart contract of the ChainSwap gateway allowed hackers to withdraw more than $4.000.000from DeFi projects. To eliminate the consequences, the developers will release a new version of their ASAP token.
The ChainSwap protocol acts as a bridge between various blockchains, including Binance Smart Chain, Ethereum, Polygon and Huobi Eco Chain. On July 10, the Wilder World NFT marketplace team discovered a failure on the PancakeSwap platform. Hackers were able to withdraw from the Wilder Pancake Liquidity Pool on Binance Smart Chain and the contract ChainSwap more than five hundred thousand dollars in Ethereum.
The developers noted that they responded to the problem in time and prevented further spending. According to them, the attack involved the critical vulnerability of the ChainSwap smart contract, which made it possible for attackers to steal about 20.000.000 WILD tokens, which they brought to their address on the BSC network, without using the main contract built on the Ethereum blockchain.
Wilder World commented that their project was also attacked and was essentially a victim of fraudsters. According to user Krisma, Antimatter, Razor, Unifarm and many others were attacked. On the electronic address of fraudsters are tokens, the total value of which is more than four million dollars.
The project OptionRoom states that they also took a hit by hackers. They withdrew more than $2.000.000 of ROOM built on the Ethereum blockchain and more than ten million dollars of ROOM using the Binance Smart Chain network.
Hackers exchanged all tokens using decentralized exchanges such as Uniswap. Developers of affected projects were able to withdraw liquidity from the appropriate pools in order to prevent attackers, and also promised to reimburse the full cost to users of their projects.
For project participants, restrictions on ASAP exchange were introduced – developers recorded e-mail address balances before hackers attacked to enter the airdrop of the latest version of the token.
Since the beginning of July, using a vulnerability in the ChainSwap code, hackers managed to steal more than $800.000 from the platform in different DeFi tokens. Follow all the news from the crypto industry with us. We publish only high-quality and interesting material. We wish you good luck and calm work!