Loading...

Socket resumes operations after $3.3M exploit

Socket

Most read

Loading Most Ready posts..

TL;DR

  • Socket and Bungee resumed trading after a $3.3 million exploit.
  • Attackers messed with wallet approvals, but Socket fixed it and plans to compensate users.
  • Cross-chain bridges, like Bungee, need better security to protect users from hacks.

Interoperability service Socket and its bridging platform Bungee have resumed operations after a security breach led to a temporary halt in trading. 

The exploit amounted to approximately $3.3 million when attackers targeted wallets with infinite approvals to Socket contracts. Approvals are authorizations for blockchain-based tools that enable applications to access tokens in a user’s wallet.

The breach was first brought to light by anonymous security researcher @speekaway at around 18:20 UTC on Tuesday. It was revealed that the attackers had manipulated wallet approvals, potentially compromising user funds. 

One wallet connected to the exploit is believed to be in the attackers’ possession, containing nearly $3 million worth of ether (ETH) and $300,000 worth of other tokens.

Socket acted swiftly in response to the breach, pausing all trading activity to prevent further attack propagation.

Socket swift resolution and compensation plans

In an early Wednesday statement, Socket developers announced that the security issue had been resolved and trading activities had resumed. Furthermore, they revealed that plans for compensation for affected users were already in the works.

Socket’s incident highlights the ongoing challenge of securing cross-chain bridges, which enable users to transfer tokens between different blockchain networks. According to key developers, cross-chain bridges like Bungee have frequently been exploited due to their inherent complexity.

This is not the first time such an incident has occurred in the crypto space. In January, Orbit Chain, a cross-chain bridge connecting Ethereum to other networks, fell victim to an $81 million hack. These attacks persist due to the intricate nature of cross-chain tools, making security a paramount concern for the crypto industry.

Sergey Nazarov, co-founder of Chainlink, emphasized the importance of cross-chain security, comparing it to data oracles. He stated,

“Like data oracles, many bridge variants don’t provide real security and don’t describe how they work beyond saying the words ‘decentralized’ and ‘secure.'”

Nazarov urged bridge users to consider the security of their chosen bridge and its ranking on the cross-chain security spectrum.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.

Share link:

Ibrahim Abdulaziz

A fervent advocate, Ibrahim shares his wealth of knowledge on crypto and blockchain technology in an engaging and informative style. He frequents places where influencers gather for his next scoop. His vision is that the decentralized nature, security features, and potential for financial inclusion will drive widespread massive crypto adoption.

Stay on top of crypto news, get daily updates in your inbox

Related News

Cryptopolitan
Subscribe to CryptoPolitan