As a researcher with experience in blockchain security, I find this incident deeply concerning. The hacker’s ability to drain funds from users through the Equalizer DEX, undetected for hours, is a clear indication of the vulnerabilities that exist in decentralized exchanges.
On May 14, a hacker gained unauthorized access to the decentralized exchange (DEX) Equalizer and started transferring user funds out of the system. This malicious activity was discovered after the Equaliz team notified users via tweet to avoid using the platform’s front end.
To date, the unauthorized individual has managed to siphon approximately 2,353 Equalizer (EQUAL) tokens and a number of other types from various users’ accounts. Despite the relatively small value of the pilfered tokens, these inconspicuous transactions enabled the hacker to persistently drain user funds without raising significant suspicion.
The hacker’s wallet address has been in use for over 222 days, and it continues to be filled with funds that were stolen from users.
At approximately 4:10 am UTC on May 14, an unauthorized transaction took place, resulting in the theft of 2,500 SpookySwap liquidity tokens (spLP). This unfortunate incident triggered a chain reaction, leading to the theft of various other tokens from affected users.
The total number of tokens drained so far include:
- 2,353 EQUAL across five transactions510,579 FantomStarter (FS)2,500 spLP6 million AnyInu (AI)985,565 ChillPill (CHILL)50,000 WigoSwap (WIGO)25 multiDEUS (DEUS)
As a result, EQUAL price is down almost 11% on the day to around $8.90.
In an unfortunate turn of events, a fraudster went on to fabricate a false Equalizer X account and announced a supposed refund process for the affected parties.
As a researcher examining the recent incident with the Equalizer DEX, I cannot definitively confirm that every token was successfully drained from the platform. The Equalizer team is still actively working to unravel the details of this exploit and gather more information.
As a member of our research team, I’d like to share some important news. Via the Equalizer Discord platform, we recommended a proactive step for users to safeguard their funds and prevent any potential further losses.
“If connecting to the dapp [[Connect Wallet]] asks you to Approve something, immediately Stop using that site. If the dapp asks you to interact with a contract you have never interacted with earlier, Stop using that site. If it asks you to approve any contract that is unknown or not in our docs, Stop using that site.”
an equalizer on Fantom, an equalizer on Base, Equity, and CL Farms on both Base and Fantom.”
— Equalizer (@Equalizer0x) May 14, 2024
“Member ‘543’ of the Discord community for Equalizer announced that individuals who hadn’t visited the Equalizer websites within the past 6 hours have no cause for concern. For those who had engaged with the sites during that timeframe, however, ‘543’ asked them to rescind all approvals granted during that period.”
The team is currently in the process of refreshing the primary site and asks users to abstain from accessing it temporarily.
Read More
- SQR PREDICTION. SQR cryptocurrency
- DOGS PREDICTION. DOGS cryptocurrency
- KNINE PREDICTION. KNINE cryptocurrency
- HI PREDICTION. HI cryptocurrency
- UXLINK PREDICTION. UXLINK cryptocurrency
- METIS PREDICTION. METIS cryptocurrency
- CLOUD PREDICTION. CLOUD cryptocurrency
- LDO PREDICTION. LDO cryptocurrency
- STG PREDICTION. STG cryptocurrency
- EVA PREDICTION. EVA cryptocurrency
2024-05-14 13:35