{"id":69682,"date":"2024-01-24T06:43:07","date_gmt":"2024-01-24T10:43:07","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=69682"},"modified":"2024-01-24T06:43:10","modified_gmt":"2024-01-24T10:43:10","slug":"socket-protocol-recovers-1032-eth-stolen-from-hack","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/socket-protocol-recovers-1032-eth-stolen-from-hack\/","title":{"rendered":"Socket Protocol Recovers 1032 ETH Stolen From Hack"},"content":{"rendered":"\n

Cross-chain bridge <\/a>Socket protocol has recovered two-thirds of the stolen ETH funds in a recent breach, which led to the loss of about $3.3M.<\/p>\n\n\n\n

\"Socket
Socket Protocol Recovers 1032 ETH Stolen From Hack<\/figcaption><\/figure>\n\n\n\n

The socket protocol's official X account has reported the recovery of 1,032 Ether, valued at $2.3 million, out of a total of $3.3 million stolen. Soon, the protocol will disclose a distribution and recovery strategy for consumers. Additionally, Socket expressed gratitude to several on-chain analytics accounts for recuperating the funds.<\/p>\n\n\n\n

The perpetrator executed the exploit on January 16 using a token approval originating from an Ethereum address <\/a>concluding in 97a5. The vulnerability affected wallets that granted unrestricted approvals to Socket contracts.<\/p>\n\n\n\n

\n

FUND RECOVERY UPDATE

We have successfully recovered 1032 ETH from the funds involved in the incident on 16th Jan.

We will release a recovery & distribution plan for users soon.

Big shoutout to everyone who helped us from Seal911, Slowmist, Hexagate, & others:@samczsun\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a>\u2026<\/p>— Socket (@SocketProtocol) January 23, 2024<\/use><\/svg><\/span><\/a><\/blockquote>

The vulnerability caused net losses of approximately $3.3 million for 219 users. The cross-chain interoperability<\/a> protocol successfully detected and remedied the vulnerability within hours of the exploit, restoring functionality to the bridge within twenty-four hours.<\/p>\n\n\n\n

The assailant exploited the over-approval vulnerability of the Socket platform to deplete assets until the authorized limit of each user was exhausted. The assailant exploited never-bridged pre-approved balances. To prevent the loss of these unused limits, users would have been required to revoke authorization proactively.<\/p>\n\n\n\n

The vulnerability in the SocketGateway contract was exploited, according to data analytics firm PeckShield, due to incomplete validation of user input; users who had approved the compromised contract were susceptible to the flaw. <\/p>\n\n\n\n

Additionally, the security firm stated that the evil gateway was activated three days before the breach. During that period, Etherscan <\/use><\/svg><\/span><\/a>advised users to withdraw all authorizations for this IP address, denoted as “Socket: Gateway.”<\/p>\n\n\n\n

The compromise extended beyond the initial depletion of funds. According to the X post from Socket, phishing scammers also posted a link to a malicious application through a sham Socket account. They encouraged users to revoke their approvals using another malicious application.<\/p>\n\n\n\n

Interoperability protocols, also known as cross-chain bridges, are of the utmost importance in facilitating the communication between decentralized protocols. <\/p>\n\n\n\n

Nevertheless, these bridges have emerged as a principal target for malicious actors. In recent years, some of the most significant decentralized finance breaches <\/a>have transpired on cross-chain bridges.<\/p>\n","protected":false},"excerpt":{"rendered":"

Cross-chain bridge Socket protocol has recovered two-thirds of the stolen ETH funds in a recent breach, which led to the loss of about $3.3M. The socket protocol’s official X account has reported the recovery of 1,032 Ether, valued at $2.3 million, out of a total of $3.3 million stolen. Soon, the protocol will disclose a […]<\/p>\n","protected":false},"author":12,"featured_media":69686,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11476],"tags":[5562,5817,13134,18028],"class_list":["post-69682","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacks-and-scams","tag-eth-2","tag-hack-2","tag-cross-chain-bridges","tag-socket-protocol"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2024\/01\/image-111.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/69682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=69682"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/69682\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/69686"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=69682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=69682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=69682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}