Socket, a protocol in the decentralized finance (DeFi) space, recently encountered a security incident that led to a loss of approximately $3.3 million.
The vulnerability stemmed from a call injection attack on the Socket protocol, specifically impacting wallets with infinite approvals to Socket contracts. As a response, all affected contracts have been swiftly PAUSED to mitigate further damage.
The attack exploited an unsafe call within the performAction function, primarily due to overlooking scenarios where the caller transfers 0 Wrapped Ether (WETH). This oversight allowed the attacker to specify alternative functions in the call while still passing the balance check.
The attacker strategically crafted calldata to invoke the transferFrom function of arbitrary tokens, consequently siphoning tokens previously approved to the contract by other users to the attacker’s address.
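To make the bug class described above concrete, here is an added, simplified Solidity sketch that is not Socket's code: a router whose performAction forwards a caller-supplied call and checks only that its WETH balance grew by `amount`, so a zero amount makes the check vacuous, shown beside a hardened variant. Contract, function and variable names (VulnerableRouter, HardenedRouter, allowedCall) are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added illustration, not Socket's code; all names are hypothetical.

interface IERC20 {
    function balanceOf(address) external view returns (uint256);
    function transferFrom(address, address, uint256) external returns (bool);
}

// Vulnerable shape: caller chooses `target` and `data`; the only guard is that
// the router's WETH balance grew by `amount`. With amount == 0 the check is
// satisfied by doing nothing, so the arbitrary call runs with no constraint.
// Since users have granted this router token allowances, a call into any token's
// transferFrom is made with the router as msg.sender and spends those allowances.
contract VulnerableRouter {
    IERC20 public immutable weth;
    constructor(IERC20 _weth) { weth = _weth; }

    function performAction(uint256 amount, address target, bytes calldata data) external {
        uint256 before = weth.balanceOf(address(this));
        (bool ok, ) = target.call(data); // user-controlled target and selector
        require(ok, "call failed");
        require(weth.balanceOf(address(this)) - before == amount, "amount mismatch");
    }
}

// Hardened shape: reject a zero amount, let the router itself pull exactly
// `amount` of the expected token from msg.sender, and only forward calls whose
// target and 4-byte selector are on an owner-managed allow-list (which never
// includes transferFrom of any token).
contract HardenedRouter {
    IERC20 public immutable weth;
    address public immutable owner;
    mapping(address => mapping(bytes4 => bool)) public allowedCall;
    constructor(IERC20 _weth) { weth = _weth; owner = msg.sender; }

    function setAllowedCall(address target, bytes4 selector, bool ok) external {
        require(msg.sender == owner, "not owner");
        allowedCall[target][selector] = ok;
    }

    function performAction(uint256 amount, address target, bytes calldata data) external {
        require(amount > 0, "zero amount");
        require(data.length >= 4 && allowedCall[target][bytes4(data[:4])], "call not allowed");
        require(weth.transferFrom(msg.sender, address(this), amount), "pull failed");
        (bool ok, ) = target.call(data);
        require(ok, "call failed");
    }
}
```

On the user side, the exposure here is the standing allowance itself: reviewing and revoking unused infinite approvals limits what any such router bug can drain.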
$3.3 Million Recorded Stolen Funds
Socket protocol @SocketDotTech was under a call injection attack with a loss of ~$3.3M.
This attack was mainly due to an unsafe call in the performAction function. It did not consider the case where the caller transfers in 0 WETH, allowing the caller to specify other functions… https://t.co/l6024hFrqi pic.twitter.com/E8p5bGpOnb
— Beosin Alert (@BeosinAlert) January 17, 2024
The stolen funds, amounting to around $3.3 million across six assets, include:
– 2.57 million USDC
– 347,000 USDT
– 165,000 MATIC
– 13,800 DAI
– 42 WETH
– 2.8 WBTC
Around $3.3M in 6 assets was stolen from users with infinite token approvals to cross-chain bridge @SocketDotTech contracts ~8hrs ago, including:
• 2.57M $USDC
• 347K $USDT
• 165K $MATIC
• 13.8K $DAI
• 42 $WETH
• 2.8 $WBTC
So far, the exploiter has swapped all 2.92M… https://t.co/rA7VXvSfcK pic.twitter.com/D9Qc20qF9I
— Spot On Chain (@spotonchain) January 17, 2024
As part of their strategy, the exploiter promptly converted the pilfered stablecoins, totaling 2.92 million, into 1,139 Ether at an average price of $2,564. The converted funds are currently held in the wallet address 0x50DF5a2217588772471B84aDBbe4194A2Ed39066.
This incident underscores the persistent challenges faced by DeFi protocols in maintaining robust security measures. Socket’s prompt action to halt affected contracts demonstrates a commitment to safeguarding user assets and mitigating potential risks within the DeFi ecosystem.
Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news!