Decentralized Finance protocol SushiSwap has recovered $186,000 worth of ether (ETH) that a hacker drained from one of its users’ wallets following a $3.3 million exploit this weekend, according to a Sunday tweet from blockchain security firm Blocksec. The attack exploited a vulnerability in the 'RouterProcessor2' contract, which is used to conduct trade routing on the SushiSwap exchange.
BlockSec recovered the 100 ETH on Sunday by intercepting a transaction from prominent SushiSwap user @0xsifu’s wallet to the hacker’s wallet. BlockSec detected malicious activity during the attack attempt and was able to effectively rescue part of the funds. As such, SushiSwap lead developer Jared Grey said on Sunday that the protocol is working on a retrieval plan to secure the stolen funds and make affected users whole.
“Rest assured the team is working diligently to mitigate risk and retrieve user funds,” Grey wrote in an early Sunday message on Discord.
To date, 190 Ethereum addresses and over 2000 addresses on layer 2 network Arbitrum have approved the contract that facilitated this weekend’s SushiSwap exploit, according to Dune Analytics.
Sushi protocol’s native sushi (SUSHI) tokens have risen nearly 1% in the past 24 hours after dipping 3% on news of the exploit, as per CoinGecko. It is trading at $1.10 in early U.S. hours on Monday.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.