Nexo

Start Earning Up to 16% Interest Automatically

Learn More
Home » News » SushiSwap to Make Exploit Victims Whole

SushiSwap to Make Exploit Victims Whole

by

The SushiSwap team is helping the victims of its April 9 exploit recover their funds.

SushiSwap to Make Exploit Victims Whole
Shutterstock cover by Andrei Iakhniuk

Key Takeaways

  • SushiSwap was hacked on April 9.
  • Attackers were able to siphon funds directly from the wallets of recent users of the protocol.
  • SushiSwap is planning on helping victims recover their funds.

Share this article

Victims of the SushiSwap exploit have a chance of getting their funds back, whether they were preemptively taken by white hat hackers, or stolen by malicious actors.

Returning User Funds

SushiSwap has a plan to make its users whole.

The Ethereum-based decentralized exchange indicated on Twitter today that users that were affected by the protocol’s attack last weekend would be able to recover their funds.

SushiSwap is a decentralized finance project that enables its users to trade cryptocurrencies without needing to rely on a third party. On April 9, a fault in the protocol’s RouteProcessor2 smart contract allowed an exploiter to siphon tokens from users who’d previously approved the faulty contract. 

It’s currently unclear how much was actually taken, as groups of white hat hackers quickly mobilized to pre-emptively siphon user funds in order to secure them from malicious parties. However, the attacker was able to steal at least 1,800 ETH (worth over $3.3 million at the time of the exploit) from a single SushiSwap user. 

According to SushiSwap, the faulty smart contract was only deployed “in the last ten days”, meaning that users that hadn’t interacted with the protocol since April 2 were not impacted by the exploit. The exchange’s team highly encouraged users to revoke protocol approvals in any case, as a “good security practice.”

SushiSwap indicated that users whose funds had been swept by white hat security teams would be able to claim their funds shortly. The exchange’s development team is currently building a Merkle Claim contract to which users will be able to connect their wallets in order to receive their funds.

Users whose funds were siphoned by attackers will need to submit an email to the SushiSwap security team including transaction IDs and blockchain data for the lost funds. The team indicated that the process would take longer to process as a manual verification of the data would be necessary. “Our goal is to return all user funds to legitimate claimants. We appreciate everyone’s patience and understand your frustration as we work through returning funds to affected users,” the protocol stated.

Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and several other crypto assets.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.