November 30, 2020 | AtoZ Markets – The SushiSwap team discovered and fixed the vulnerability after an attacker withdrew between $10,000 to $15,000 from the decentralized protocol. The developer of the 0xMaki project spoke about the exploit.
Post-Mortem when I wake up, exploiter got around 10-15k so far from the 0.05% fees cut of Sushiswap.
— 0xMaki 源 義経 (@0xMaki) November 29, 2020
LP - xSushi holders are safe!
It is a fascinating one thanks @andy8052 @danielque & sushi core devs for the quick reaction and help.
More soon! https://t.co/QmhNMTP28L
The developer explained the small amount of damage by the fact that the attack consisted of stealing commission income. Their daily size does not exceed $20,000- $30,000.
The attacker carried out the first microtransaction two or three days ago. However, on November 29, he put them on stream. 0xMaki, in a conversation with the Rekr platform, noted that it took about four hours to find and fix the vulnerability.
SushiSwap will cover all lost user funds
SushiSwap will reimburse the damage from the project fund. According to the developer, the organizer of the attack deserved the stolen funds as a reward for identifying the problem.
As a reminder, a double-spend bug was revealed in the SushiSwap control mechanism in September.
Previously, experts discovered ten vulnerabilities in the protocol, one of which could lead to the transfer of funds to any address.
On November 13, AtoZ Markets reported that DeFi platform Akropolis was hacked. As a result, a stable coin DAI worth 2 million dollars were drained from several of the pools within the project’s Delphi Savings pool for yield farming.
Think we missed something? Let us know in the comment section below.