Bitcoin News

Sushiswap Smart Contract Bug Results in Over $3M in Losses; Head Chef Says Hundreds of ETH Recovered – Defi Bitcoin News

Sushiswap Smart Contract Bug Results in Over $3M in Losses; Head Chef Says Hundreds of ETH Recovered

According to several reports, a bug introduced to the decentralized exchange (dex) protocol Sushiswap’s smart contract has resulted in more than $3 million in losses. The blockchain and smart contract security firm Peckshield explained the exploited contract was “deployed in multiple blockchains.”

Dex Platform Sushiswap Suffers From Smart Contract Exploit

Over the weekend, the dex platform Sushiswap saw its RouteProcess02 contract exploited and then distributed across various blockchain networks. Blockchain security firm Certik published an alert after discovering the exploit. The company Peckshield also updated the crypto community via Twitter, noting that Sushiswap’s “RouterProcessor2 contract has an approve-related bug.” It has also been reported that the victim was a well-known crypto advocate called Sifu, who reportedly lost 1,800 ether.

Sifu may not have been the only victim, as Certik’s alert mentions that a few USDC users may have been affected. “We have detected suspicious activity on [0x15d], which is a malicious router,” Certik tweeted. “Revoke permissions if you have approved this router to spend your tokens. Stay safe. Multiple users who had approved the malicious contract have seen their USDC being transferred to [0x29e]. The wallet has taken about $20,000 in the last two hours,” the company added.

A developer known as 0xngmi has detailed that the exploit should only be problematic for those who used Sushiswap during the last four days. “Only users impacted by Sushiswap hack should be those that swapped on Sushiswap in the last 4 days. If you did so, revert approvals ASAP or move your funds in the affected wallet to a new wallet,” 0xngmi tweeted. Sushiswap’s head chef Jared Grey also confirmed the exploit and later detailed that “recovery efforts were underway.”

“We’ve secured a large portion of affected funds in a whitehat security process. If you have performed a whitehat recovery please contact security@sushi.com for next steps,” Grey said at 9:42 a.m. Eastern Time on April 9. “We’ve confirmed recovery of more than 300 ETH from Coffeebabe of Sifu’s stolen funds. We’re in contact with Lido’s team regarding 700 more ETH,” Grey added. Sushiswap’s CTO, Matthew Lilley, followed up later in the day and said that there are currently no issues with using the Sushiswap dex platform.

“There is no risk at this time with using Sushi Protocol, and the UI. All exposure to RouterProcessor2…

Click Here to Read the Full Original Article at Bitcoin News…