roadrunner Posted January 18, 2024 Share Posted January 18, 2024 Following a serious exploit in the Socket protocol that drained $3.3 million, the company has halted specific operations and urged users to revoke all approvals as a precautionary measure. Socket Responds to $3.3 Million Security Breach With Swift Action and Transparency Socket, a cross-chain protocol, confirmed the loss of $3.3 million due to an exploit. This incident was acknowledged in a social media post on January 16. Socket, a component in today’s interconnected blockchain ecosystem, facilitates cross-chain interactions and is used in several Web3 applications, including Synthetix, Lyra, Kwenta, Superform, Plasma Finance, and Level Finance. The exploit targeted users who had granted infinite approvals to Socket contracts. In a post on X the company stated, “Urgent. Socket has experienced a security incident which affected wallets with infinite approvals to Socket contracts.” Socket also swiftly paused the affected contracts to mitigate further damage. Blockchain security firm Peckshield flagged the issue, revealing that the exploit was linked to a route in the Socket system introduced just three days before the attack. Following the breach, Socket immediately deactivated the problematic route to thwart further misuse, and also urged users to revoke all approvals Due to the recent exploit, Socket urges all users to revoke all approvals to prevent loss of funds We recommend all users to review approvals immediately while we investigate. Check exposure to the exploit and revoke now Revoke Now https://t.co/fXzS6lONKX — Socket (@SocketDotTeclh) January 17, 2024 Amidst this trouble, phishing scammers are attempting to exploit the situation. In response to Socket’s official announcement, a fraudulent Socket account posted links to a malicious app, misleading users to revoke their approvals through it. The counterfeit account, distinguishable by its misspelled handle @SocketDctTech instead of @SocketDocTech, was promptly removed from X. Socket has assured its users that the paused contracts require no action from them. The company is also issuing regular updates and instructions to help its user base navigate through this crisis. Do you think Socket has done a good job handling this situation? Share your thoughts and opinions about this subject in the comments section below. View the full article Quote Link to comment https://slingbank.com/forums/topic/21085-socket-protocol-loses-33m-in-exploit-users-urged-to-revoke-approvals/ Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.