0

    Socket Protocol recovers two-thirds of stolen ETH from hack

    2024.01.24 | exchangesranking | 246onlookers
    4f3dc34c>

    The cross-chain bridge protocol Socket revealed the recovery of two-thirds of the funds drained from the protocol.

    The official X account of the socket protocol announced that they have successfully recovered 1032 ETH worth $2.3 million from the total stolen amount of $3.3 million. The protocol will soon release a recovery and distribution plan for users. Socket also thanked multiple on-chain analytics accounts for their help in recovering the funds.

    On Jan. 16, the attacker behind the exploit used a token approval from an Ethereum address ending in 97a5 to carry out the exploit. The exploit impacted the wallets with limitless approvals to Socket contracts.

    The exploit on the Socket protocol impacted a total of 219 users with a net loss of around $3.3 million. The cross-chain interoperability protocol managed to identify and remove the bug within hours of the exploit, and within 24 hours, the bridge was operational again.

    The attacker used the Socket platform’s over-approval vulnerability to drain assets until each user’s authorized limit was reached. To avoid losing these unused limits, users would have needed to proactively cancel authorization. The attacker exploited pre-approved balances that were never bridged. Users may have prevented being taken advantage of by canceling permissions or withdrawing unused approvals.

    Related: Gamma attempts to negotiate with hacker after $3.4M exploit

    According to data analytics firm PeckShiled, the exploit resulted from an incomplete validation of user input, where users who have approved the vulnerable SocketGateway contract became victim of the exploit. The security firm added that the malicious gateway was added three days before the exploit. At the time, users were recommended to revoke all approvals from this address, which shows up as “Socket: Gateway” on Etherscan.

    The hack was not just limited to the initial draining of funds; even under the official acknowledgment X post from Socket, phishing scammers used a fake Socket account to post a link to a malicious app and urged users to revoke their approvals using another malicious app.

    Cross-chain bridges or interoperability protocols play a critical role in helping different forms of decentralized protocols interact with each other; however, these cross-chain bridges have also become a primary target for malicious actors. Some of the largest DeFi exploits over the past few years have occurred on cross-chain bridges.

    Magazine: The truth behind Cuba’s Bitcoin revolution — An on-the-ground report

    The content on this website comes from the Internet. Due to the inconvenience of proofreading the authenticity and accuracy of the copyright or content of some content, it may be temporarily impossible to confirm the authenticity and accuracy of the copyright or content. For copyright issues or other ssues caused by this, please Call or email this site. It will be deleted or changed immediately after verification.