0
0
Gaming Token Exploited, Resulting in $4.6 Million Ethereum Theft
A critical security breach occurred on the Blast Network on March 21, resulting in the theft of approximately $4.6 million worth of Ethereum from the newly launched gaming token Super Sushi Samurai. A hacker exploited a bug in the token’s system, leading to an unauthorized token dump and a significant decrease in the token’s value.
Exploit Details
The attacker managed to extract 1310 ETH from the token’s main liquidity pool by exploiting a duplication bug that allowed them to double their balance repeatedly. This unauthorized activity caused the token’s value to plummet by about 99%, shocking the community and raising concerns about the platform’s security measures.
Investigations revealed that the attacker acquired 690 million SSS tokens and initiated multiple transactions using a specialized attack contract. By manipulating the platform’s _update() function, the hacker duplicated their token holdings 25 times, resulting in an inflated token quantity of 11.5 trillion.
The exploit took advantage of a flaw in the smart contract’s balance update mechanism, allowing the attacker to exponentially increase their token balance without engaging in legitimate transactions. Similar vulnerabilities have been exploited in the past, with the hack on the Ethereum-based token MINER resulting in a significant loss of 168.8 ETH.
Recovery Efforts
Following the breach, the Super Sushi Samurai team has been actively communicating with the community through various social media channels. They are working towards recovering the stolen funds and have engaged with a white hat hacker who may assist in these efforts.
The team remains in contact with the exploiter and is committed to ensuring the safe return of the compromised funds. The public disclosure of the address containing the stolen funds aims to facilitate tracking and potential recovery of the lost assets.
“We’re working with the white hat on the safe return of funds. An update and post-mortem will follow.”
Super Sushi Samurai’s transparent communication efforts underscore the importance of robust security protocols in the cryptocurrency sector. This incident serves as a cautionary tale for platforms to continuously enhance their security measures against evolving cyber threats.
Image/Photo credit: source url
