News

Newly Launched Gaming Token “SSS” Exploited; $4.6 Million Wiped off From Layer-2  Blast Network

kzy dor ycm sgv wzr ylw ukj bww ndx tit avd dqu qof nad rzk mke oom wku xpy jfy paa wfe glc kbb gjp fig mra oml ism bas

Despite the less than a week’s existence of the gaming token Super Sushi Samurai (SSS) on the layer-2 Blast network, the failure was massive. The hack which was executed through the smart contract vulnerability resulted in a $4.6 million loss. 

The SSS team acknowledged the hack and informed that there was a bug in the token contract under the mint function. This weakness allowed an intruder to generate a large amount of SSS tokens and then flood the liquidity pool (LP) with them, which resulted in a steady drop in the token’s value.

Adding more technical analysis, a Yuga labs dev said that  SSS LP was drained on blast because their token contract had a bug where transferring one’s entire balance to oneself doubles it. The attacker was able to get 1310 ETH from the LP by doubling their balance repeatedly and then selling it all.

The post-mortem from the team revealed that the total ETH in the pool before the exploit was 1339.50 ETH, the white hat took 1,310.04 ETH and Blackhat roughly 40.28 ETH. 29.09 ETH was recovered after removing LP.

The hacker turns out to be a white hat, assures to reimburse users

SSS immediately put into action urgent measures to control the breach and to engage with the hacker. After the hack was disclosed by the team, through BlastScan, the white hat revealed himself to the SSS team,  assuring to offer compensation to affected users. The team and the hacker are still negotiating with efforts to find a solution that ensures user security as well as the project’s standards.

The SSS token drops to zero post the exploit

The price of SSS fell 100% after the attack and is currently at nearly zero according to the data by CoinGecko,  which represented a quite bad situation for all the investors and stakeholders involved.

Hacks of these kinds expose the built-in flaws associated with contracts in the DeFi ecosystems. As the popularity of decentralized applications (DApps) and gaming tokens continues to soar, developers and investors must exercise caution and remain vigilant against potential threats.

SOURCE

Leave a Comment