Inside SushiSwap’s Hack Recovery: The Swift and Surprising Comeback

The post Inside SushiSwap’s Hack Recovery: The Swift and Surprising Comeback appeared first on Coinpedia Fintech News

SushiSwap, a popular decentralized exchange, has experienced a major exploit, leading to the loss of over $3.3 million from one of its users. Let’s break down the events and uncover the details of this security incident.

It seems the @SushiSwap RouterProcessor2 contact has an approve-related bug, which leads to the loss of >$3.3M loss (about 1800 eth) from @0xSifu.

If you have approved https://t.co/E1YvC6VZsP, please *REVOKE* ASAP!

One example hack tx: pic.twitter.com/OauLbIgE0Q

— PeckShield Inc. (@peckshield) April 9, 2023

The “Yoink” Menace

The exploit revolves around a bug in the RouterProcessor2 contract’s “approve” mechanism. This bug allowed unauthorized entities to steal users’ tokens, using a technique dubbed “yoinking.” Initially, an attacker used the “yoink” function to steal 100 ETH, and shortly after, another hacker used the same contract but named their function “notyoink” to steal around 1800 ETH.

Also Read: SushiSwap Price Prediction 2023, 2024, 2025: How High Can SUSHI Price Go?

Addressing the Problem

SushiSwap’s Head Chef, Jared Grey, and cybersecurity firm PeckShield recommend revoking the problematic contract on all chains to mitigate the issue. Early reports indicate that users who interacted with the platform within the last four days might be affected. A list of contracts to be revoked has been published, and a tool has been developed to help users check if their addresses have been impacted.

In response to the attack, sushiswap

sushiswap

Decentralised Exchange

has made progress in recovering the stolen funds. The platform’s Head Chef tweeted that they have confirmed the recovery of more than 300 ETH from CoffeeBabe of Sifu’s stolen funds and are in contact with Lido’s team regarding 700 more ETH.

Furthermore, SushiSwap announced that they have secured a large portion of affected funds through a whitehat security process. Users who have performed recovery are advised to contact [email protected] for further assistance.

We've confirmed recovery of more than 300ETH from CoffeeBabe of Sifu's stolen funds. We're in contact with Lido's team regarding 700 more ETH.

— Jared Grey (@jaredgrey) April 9, 2023

The Aftermath

Despite the alarming situation, the price of Sushi’s governance token experienced a minor drop of only 0.6% after the news broke. Jared Grey has stated that SushiSwap is working closely with security teams to resolve the problem. Users who have interacted with the platform recently should exercise caution and make use of the available tools to determine if they have been affected by this exploit. 

Jared confirmed that users can now safely swap and trade on SushiSwap, as the exploited contract has been removed. Additionally, he urged users to ensure they have removed approvals for the compromised RouteProcessor2 contract by visiting https://sushi.com/swap/approvals.

Some quick notes on @SushiSwap, post-exploit.

1. You can now safely swap/trade on Sushi.
2. We've removed the exploited contract.
3. Please confirm you've removed approvals for the exploited RouteProcessor2 contract here: https://t.co/8BKQ2FSF0f

— Jared Grey (@jaredgrey) April 9, 2023