Furucombo's decentralized protocol and token exchange service suffered a hack that resulted in the theft of over $15 million.
March 1, 2021 | AtoZ Markets – Furucombo team reported about the incident in his twitter on 27 February. Furucombo's proxy server was attacked and hacked around 17:00 UTC. The company has confirmed that the vulnerability has been fixed and that all components have been deauthorized.
Today at 4:47 PM UTC the Furucombo proxy was compromised by an attacker. We have deauthorized the relevant components and believe the vulnerability to be patched but we recommend users remove approvals out of an abundance of caution.
— FURUCOMBO (@furucombo) February 27, 2021
Furucombo advises users to revoke the token transfer authorization on the site as a precautionary measure.
$15 Million Stolen from Furucombo Hack
The project team, in a message dated February 28, confirmed the amount of the stolen funds. However, the exchange claims that users' money is safe. The company is thinking about how to mitigate the impact of the breach and promises to release an action plan shortly. There are no clear terms.
One Furucombo user stated that he lost $197,000 of USDT as a result of the hack. He asked how the company plans to reimburse him for the loss. In response, representatives from the Furucombo team responded that the mitigation plan will be published in due time.
UPDATE:
— FURUCOMBO (@furucombo) February 27, 2021
The Furucombo proxy was compromised and US$15m was affected. The Furucombo platform and user funds are now safe. We are working on a mitigation plan that we will share with the community as soon as possible.
Over the past year, dozens of projects working in the DeFi (decentralized finance) segment have fallen victim to hacks and exploits. In particular, cybercriminals were withdrawing money from DeFi platforms through vulnerabilities in smart contracts.
Security remains a concern for DeFi and DEX
A whole book can be compiled from the list of projects affected by hackers. Akropolis, for example, fell victim to a hacker who stole $2 million from the project. This has happened even though many audits have confirmed the reliability of savings pools.
As a reminder, last year, Origin Protocol stablecoin network was attacked and hackers withdrew user funds worth more than $7 million. On the popular and well-known decentralized exchange SushiSwap, the attacker made a profit of $103,000. The exchange claimed that the attacker had just picked up what was bad, but in fact he took the profits of other users.
Read also: 5 Platforms That Will Help You Avoid Falling For DeFi Scams
However, the decentralized finance and decentralized exchange industries still have a long way to go before they can bring security to an acceptable level. Hackers are already quite familiar with how smart contracts work. These projects must hire the best in the business to prevent theft of client funds.
Popular educational DeFi platform, DeFi Prime, announced that all customers can take advantage of the Revoke.Cash feature and revoke transfers to the hacker's address.
⚠️ Just in: Furucombo exploited ⚠️
— defiprime (@defiprime) February 27, 2021
If you used Furucombo go to https://t.co/hfPQcxk8lo
and
revoke your allowances for this addresses:
0x57805e5a227937BAc2B0FdaCaA30413ddac6B8E1
0x17e8ca1b4798b97602895f63206afcd1fc90ca5f
Security issues and hacks are harming the cryptocurrency space and the decentralized finance segment.
Think we missed something? Let us know in the comment section below.