As a seasoned analyst with years of experience in the cryptocurrency market, I find myself both intrigued and concerned by the recent hack on decentralized exchange (DEX) Clipper. While it is always disheartening to see such incidents, it’s not entirely unexpected in this rapidly evolving digital landscape.
The decentralized exchange (DEX), known as Clipper, has explained that the recent theft of $450,000 from its platform was due to a flaw in its withdrawal function. This is different from the theory circulated by an outside source that it was because of a leak in a private key.
In a December 1st post, Clipper stated that an attacker leveraged two liquidity pools on the same day, accounting for approximately 6% of the total value secured in those pools. The incident did not extend to any other pools and has since been resolved.
Clipper stated that some outside sources have made allegations about a private key breach. However, I want to clarify that such an occurrence is not true and contradicts the structure and security system designed for Clipper.
Withdrawing using a single token, which combines a swapped and deposit/withdrawal transaction, has been temporarily disabled due to its apparent vulnerability in being exploited.
Previously, the co-founder of Fuzzland Security, Chaofan Shou, stated on X platform that Clipper was compromised because of a weakness in its API (similar to a private key breach), and further suggested that there might have been flaws within the API which enabled an attacker to authorize deposit and withdrawal transactions and steal funds exceeding their initial input.
As a researcher delving into this situation, I can confirm that Clipper is currently conducting an investigation into the recent incident. Rest assured, I will keep you updated with any new developments as they become available. In the interim, swap and deposit functionalities on their protocol have been temporarily halted. However, withdrawals remain accessible; please note that these withdrawals should be a blend of all assets within the pool to ensure seamless processing.
As an analyst, I’ve initiated a process to track down the misappropriated funds with the aim of their recovery. If the party responsible for this incident is open to communication, I invite them to reach out to us directly.
In 2024 up until late November, the value of cryptocurrency stolen through the latest hack amounted to over $1.48 billion. Compared to the same timeframe in the previous year, this represents a 15% decrease, as suggested by a report published by Immunefi on November 28.
During non-business hours, Shipyard Software Inc., the maker of Clipper, has yet to provide a response to our query for comment.
Shou was contacted for comment.
Read More
- FLOKI PREDICTION. FLOKI cryptocurrency
- TRB PREDICTION. TRB cryptocurrency
- CAKE PREDICTION. CAKE cryptocurrency
- JTO PREDICTION. JTO cryptocurrency
- XDC PREDICTION. XDC cryptocurrency
- MNT PREDICTION. MNT cryptocurrency
- Dandadan Shares First Look at Season Finale: Watch
- HBAR PREDICTION. HBAR cryptocurrency
- OM PREDICTION. OM cryptocurrency
- OKB PREDICTION. OKB cryptocurrency
2024-12-02 08:52