SushiSwap Hit By Exploit
Decentralized exchange SushiSwap has suffered an exploit resulting in the loss of $3.3M from at least one user, with those who interacted within the last four days potentially impacted.
🔎 The Deets
The exploit involves an approve-related bug on the RouterProcessor2 contract. By approving the bad contract, users unknowingly allow the exploiter to steal their tokens through the "yoink" function, which was used by the first attacker. Reports indicate that only those who interacted with SushiSwap within the last four days are potentially at risk. DeFi Llama's @0xngmi has published a list of contracts across all chains that should be revoked and built a tool to check if any of your addresses have been impacted.
SushiSwap Head Chef Jared Grey has tweeted that they are working with security teams to mitigate the issue.
If you have interacted with SushiSwap in the last four days, check your addresses against the above information to see if you have been impacted. Revoking the RouterProcessor2 contract on all chains is recommended to prevent further potential attacks.
🎤 Community Quotes
Good morning. Woke up. Heard about the SushiSwap hack. Panicked. Happy Easter@LukasNerdwelten