After receiving no response from the suspected hacker, SushiSwap’s CTO will instruct their lawyer to “file an IC3 complaint with the FBI.”
A hacker gained access to the supply chain of SushiSwap’s token launchpad platform, MISO, according to Joseph Delong, chief technology officer of the decentralized finance (DeFi) platform.
“An anonymous contractor with the GH handle AristoK3 introduced malicious code into the Miso front end,” according to Delong, replacing the auction wallet address with their own and thereby amassing 865 Ether (ETH), which is worth approximately $3 million. EtherScan can be used to confirm the accuracy of this information.
In the Jay Pegs Auto Mart token auction, a parody NFT project imitating the value of a 2007 Kia Sedona, the hacker targeted and exploited a single target.
Former senior software engineer at ConsenSys claims to have received little support from leading cryptocurrency exchanges FTX and Binance in his pursuit of the funds on what he described as the “hardest day of my life so far.”
We have asked @FTX_Official and @Binance to turn over the attackers KYC information, but they have resisted on this time sensitive matter.
The attacker(s) has done work with @Yearn and has approached many other projects. I urge you to check your own front ends for exploits.
— Joseph Delong (@josephdelong) September 17, 2021Delong publicly expressed his concerns about the hacker’s identity, which he identified as blockchain and web developer Eratos, in a statement. The individual has not yet responded to the allegations leveled against him.
Recent events include the miraculous rescue of the SushiSwap protocol from another potentially disastrous $350-million hack, this time through the MISO token launchpad platform. The programmer had discovered a severe vulnerability within the auction contract of the BitDAO token sale, and had used his white hat security skills to patch it.
Fortunately, the exploit was not discovered by any loitering hackers, and the sale was able to continue without interruption. The event did, however, highlight what the white hat described as a “obvious misstep” made by the team’s security operation during the preparations.
In July of this year, the DeFi platform released its highly anticipated “7/20” project update, which revealed the upcoming launch of a new automated market maker called Trident, which is intended to be the most capital-efficient market maker on the market by 2020.
