This weekend, security firm PeckShield revealed a vulnerability in the DeFi protocol SushiSwap. The exploit involved the 'RouterProcessor2' contract used for trade routing on the SushiSwap exchange and allowed a user to gain access to around $3.3M worth of funds. The attacker was identified as 0xsifu, a popular member of the Crypto Twitter community.

SushiSwap head developer Jared Grey confirmed the issue and advised users to revoke permissions for all contracts on SushiSwap as a security measure. According to DefiLlama developer 0xngmi, the exploit affected users who had approved SushiSwap contracts in the last four days.

The security teams were actively investigating the issue, tracking the stolen funds and trying to recover the affected assets. BlockSecTeam came aboard to aid the security teams and recover the stolen funds, which were traced to 'beaverbuild, rsync-builder, and Lido: Execution Layer Rewards Vault.' Moreover, 0x9deff returned 90 ETH of the stolen amount, and BlockSec rescued 100 ETH and promised to return it soon.

The incident has highlighted the importance of caution within the DeFi ecosystem and exposed its vulnerability to exploitation through misconfigured accounts. The Sushi token dropped 4.9% on the day, trading around $1.08 at press time.

In conclusion, users are strongly advised to revoke permissions for all SushiSwap contracts as a preventive measure to protect their assets. Additionally, the DeFi sector should keep evolving its security protocols to guard against possible setbacks.
