Crypto News

ParaSwap fixes Augustus V6 contract bug and begins returning crypto to users


ParaSwap, a decentralized finance aggregator, has started returning crypto to users after patching a critical vulnerability in its Augustus v6 smart contract identified last week.

The smart contract bug emerged shortly after the contract was introduced on March 18, aiming to improve trading efficiency and reduce gas fees. However, the contract contained a critical vulnerability, allowing hackers to drain funds once approved.

The ParaSwap team reported on X on March 24 that all assets taken by white hat hackers had been returned and AugustusV6’s permissions had been revoked.

The team further noted that 213 addresses have yet to revoke their permissions for the compromised contract.

Revoking a smart contract typically involves stopping or disabling its blockchain operations, effectively hindering the contract’s ability to recover the user’s wallet and tokens.

The vulnerability was first discovered on March 20, and the platform responded by suspending its application programming interface (API) and securing at-risk funds via a white hat hack. The involvement of white hat hackers helped prevent massive asset losses.

ParaSwap has since been proactive in addressing the consequences of the security breach, submitting a detailed report to the relevant authorities to facilitate the investigation of the stolen funds.

“Actively engaged in identifying hacker addresses and tracing the movement of funds,” says ParaSwap in close collaboration with blockchain analytics and security companies Chainalysis and TRM Labs.

The group also said it began talking to hackers via chain messages and urged them to return stolen funds to users.

If there is no response by March 27, ParaSwap plans to pursue its recovery through legal means.

At the time, the losses were apparently minor, with preliminary data suggesting the hackers got away with just $24,000 before the vulnerability was identified.

Security of blockchain and DeFi platforms remains challenging, as previous breaches outside of ParaSwap show.

On February 29, Shido’s layer 1 blockchain suffered a security breach, causing its token value to drop by more than 90% in 30 minutes. ⁤⁤The exploit, reported by PeckShield on X, resulted in the theft of more than 4.3 billion Shido tokens, almost half of its circulating supply. ⁤

Another significant security breach was exploited earlier on December 8, targeting the TIME token and resulting in a loss of $188,000. ⁤⁤This involved manipulating the freight forwarder’s contract to execute transactions from a falsified sender address, thereby misleading the contract verification process. ⁤

Follow us on Google News


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button