Joseph Delong, chief tech officer at SushiSwap’s decentralized finance platform (DeFi), announced that a hacker had compromised the supply chain for its token launchpad platform, MISO.
Delong claims that an “anonymous contractor using the GH handle AristoK3 injected malignant code into the Miso frontend,” replacing the auction address with their own, and then acquiring 865 Ether(ETH) valued at $3,000,000. You can verify this data via EtherScan.
Hacker exploited one target in Jay Pegs Auto Mart token Auction, a parody NFT project imitating a 2007 Kia Sedona.
The former senior software engineer at ConsenSys said that he had received little support from the leading crypto exchanges FTX or Binance during his search for the funds.
We asked @FTX_Official to provide the attackers KYC information. However, they refused. The attackers have worked with @Yearn, and have approached other projects. You should always check your own front end for exploits.
— Joseph Delong (@josephdelong) September 17, 2021
Delong openly expressed his suspicions about the hacker’s identity, naming Eratos as a blockchain developer and Eratos as the hacker. The accusation has not been responded to.
After discovering a serious vulnerability in the BitDAO token sales auction contract, a white-hat security programr saved SushiSwap’s protocol from a disastrous hack of $350-million, just last month.
The exploit was not discovered by loitering hackers and the sale went on as normal. The event, however, did highlight — as the white shirt described — the “obvious mistake” made by the security team.
DeFi announced in July its highly anticipated “7/20” project update. This included the launch of Trident, an automated market maker that will help to make the market more capital efficient.