Hdr_About.jpg

Detail Analysis

link.png

Date:

Status:

Count:

Contributor:

September 17, 2021

info.png

Verified

1

zerofriction.io

Loss Amount:

3,070,000

info.png

Recovered Amount:

-

Currency:

Dollars, ETH

KYC By:

Audit By:

None

None

info.png

Website:

Twitter:

No data

Discord:

No data

Telegram:

No data

Medium:

No data

Github:

No data

info.png

Key Indicators

Platform:

Type:

Category:

Method:

SushiSwap Launchpad

Platform

Front-end Vulnerabilities

Extended Method:

Front end manipulation

Data Sources:

info.png

The DONA token auction of the Jay Pegs Auto Mart project on the SushiSwap Launchpad platform MISO was attacked. The attacker inserted malicious code into the MISO front end and changed the auction wallet address to his own wallet address. The loss has now reached 865 ETH (approximately 3.07 million). Dollar). Joseph Delong, CTO of SushiSwap, said on Twitter that the vulnerability has been fixed and that FTX and Binance have been asked to provide the attacker's KYC information, but both exchanges refused to cooperate. In addition, Joseph Delong also stated that he has reported the case to the FBI through his lawyer and reminded the project party to check whether there are similar front-end vulnerabilities. According to the Ethereum block explorer Etherscan, the attacker returned all ETH to SushiSwap. The operation was divided into two transactions, the first return 100 ETH, the second return 700 ETH, and the third return 65 ETH.

info.png

DISCLAIMER: While Zero Friction LLC has used the best efforts in aggregating and maintaining this database, Zero Friction LLC makes no representations or warranties with respect to the accuracy or completeness, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. 

Under no circumstances, shall Zero Friction LLC be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the dataset or information derived from our database.