Legal Notice: Nothing on the website constitutes professional and/or financial advice. All the content on the website is for informational purposes only. We have prepared all information herein from sources we believe to be accurate and reliable. However, such information is presented as is,” without warranty of any kind – whether expressed or implied. You acknowledge and agree that there are numerous risks associated with purchasing cryptocurrencies.

CDS Crypto News Ethereum Hack Update: Socket Protocol Recovers a Substantial 66% of Stolen Funds

Crypto News

Ethereum Hack Update: Socket Protocol Recovers a Substantial 66% of Stolen Funds

sevval24/01/20241 Mins read422

The cross-chain bridge protocol Socket has successfully recovered a substantial portion of the funds that were drained from the protocol in a recent hacking incident. In an official announcement from the Socket protocol’s X account, it was revealed that they have managed to retrieve 1,032 Ether (ETH), valued at approximately $2.3 million out of the $3.3 million that was initially stolen. The protocol is set to unveil a comprehensive recovery and distribution plan for the affected users in the near future. Socket expressed gratitude towards various on-chain analytics accounts for their assistance in the recovery process.

Ethereum Hack Update: Socket Protocol Recovers a Substantial 66% of Stolen Funds

The breach occurred on January 16 when the attacker utilized a token approval from an Ethereum address ending in 97a5 to execute the exploit. This had a direct impact on wallets that had limitless approvals to Socket contracts, affecting 219 users with collective losses totaling around $3.3 million. The cross-chain interoperability protocol acted swiftly to identify and rectify the bug within hours of the exploit, ensuring the operational status of the bridge was restored within 24 hours.

The attacker exploited Socket’s over-approval vulnerability to drain assets, reaching each user’s authorized limit. The exploit targeted pre-approved balances that were never transferred through the bridge. To safeguard against potential losses from unused limits, users would have needed to proactively cancel authorization.

Data analytics firm PeckShield shed light on the exploit, attributing it to an incomplete validation of user input. Users who had approved the vulnerable SocketGateway contract fell victim to the exploit. Notably, the security firm highlighted that the malicious gateway was added just three days before the exploit. During that time, users were advised to revoke all approvals from the address identified as “Socket: Gateway” on Etherscan.

Previous post Phishing Emails from Impersonated Crypto Firms Result in 600,000 Dollars Losses

Next post The Role of Bitcoin in Stablecoins: A Critical Year Ahead in 2024

Written by

sevval

Şevval has been actively writing since 2022 and is a third-year mathematics student at Ankara University. Her interest in writing is shaped particularly around innovative technologies such as Web3, artificial intelligence, and blockchain. She closely follows developments in these fields and aims to convey complex topics to readers in a clear and engaging manner. She enjoys combining her mathematical knowledge with technology to create content and strives to raise awareness about the digital world of the future.

You must be logged in to post a comment.