ETH Heist Reversed: Socket Protocol Recovers Two-Thirds Of Stolen Cryptocurrency

The Socket cross-chain bridge protocol has recovered two-thirds of the funds stolen in a recent security breach.

According to the X account tied to the Socket protocol, a large portion of the lost money (1,032 Ether, or about $2.3 million out of $3.3 million) has been recovered. Steps are in the works to share details about how the money will be returned to the users who were impacted. Socket Protocol thanked the on-chain analysis groups who helped bring the money back.

On Jan 16, the attacker used a token approval from an Ethereum address ending in 97a5 to execute the exploit. The exploit specifically affected wallets that had granted unrestricted token approvals to Socket contracts.

The vulnerability affected 219 users, for a collective loss of approximately $3.3 million. The cross-chain interoperability protocol detected and eliminated the flaw within hours of the incident, and the bridge was restored to full functionality within 24 hours.

The attacker leveraged the over-approval vulnerability within the Socket platform to drain assets up to the authorized limit for each user, exploiting pre-approved balances that had not yet been bridged. To prevent the loss of these unused allowances, users would have had to proactively revoke the authorization.
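
The exposure described above can be measured from ERC-20 Approval logs: replay them to find allowances still open to one spender, then cap each by the owner's balance. The following Python is an added example, not code from the article or from Socket; every address, amount and log entry is a constructed placeholder, and the function names are hypothetical.

```python
# Added example: constructed data only; no address here comes from the incident.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1

def addr(topic):
    """Last 20 bytes of a 32-byte indexed topic, as a lowercase address."""
    return "0x" + topic[-40:].lower()

def open_allowances(logs, spender):
    """Replay Approval logs in chain order; keep the latest non-zero value per (token, owner)."""
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        t = log["topics"]
        # ERC-721 shares this topic0 but indexes tokenId, giving 4 topics: skip it.
        if len(t) != 3 or t[0].lower() != APPROVAL_TOPIC or addr(t[2]) != spender.lower():
            continue
        state[(log["address"].lower(), addr(t[1]))] = int(log["data"], 16)
    return {k: v for k, v in state.items() if v > 0}  # 0 means revoked

def exposure(allowances, balances):
    """What the spender could still pull: min(allowance, balance), largest first.
    Logged values are an upper bound; many tokens emit no Approval when
    transferFrom spends a finite allowance, so confirm with allowance() on-chain."""
    rows = [{"token": tok, "owner": own, "unlimited": a == MAX_UINT256,
             "at_risk": min(a, balances.get((tok, own), 0))}
            for (tok, own), a in allowances.items()]
    return sorted(rows, key=lambda r: r["at_risk"], reverse=True)

# --- constructed sample input (placeholder addresses) ---
GATEWAY, OTHER, TOKEN = "0x" + "aa" * 20, "0x" + "cc" * 20, "0x" + "11" * 20
ALICE, BOB, CAROL = "0x" + "a1" * 20, "0x" + "b0" * 20, "0x" + "c4" * 20

def make_log(block, owner, spender, value, extra=()):
    pad = lambda a: "0x" + a[2:].rjust(64, "0")  # address -> 32-byte topic
    return {"address": TOKEN, "blockNumber": block, "logIndex": 0, "data": hex(value),
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender), *extra]}

SAMPLE_LOGS = [
    make_log(105, BOB, GATEWAY, 0),              # Bob's later revocation, listed out of order
    make_log(100, ALICE, GATEWAY, MAX_UINT256),  # unlimited approval
    make_log(101, BOB, GATEWAY, 500),
    make_log(102, CAROL, GATEWAY, 1_000),
    make_log(103, ALICE, OTHER, 50),             # different spender, ignored
    make_log(104, CAROL, GATEWAY, 0, extra=("0x" + "0" * 63 + "7",)),  # NFT-style, 4 topics
]
SAMPLE_BALANCES = {(TOKEN, ALICE): 2_000, (TOKEN, CAROL): 250}

def demo():
    return exposure(open_allowances(SAMPLE_LOGS, GATEWAY), SAMPLE_BALANCES)
```

In the constructed data, the unlimited approval exposes the owner's whole balance, the finite approval is capped by the smaller balance, and the wallet that revoked drops out of the report.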

Exploited Gateway: PeckShield Discovers Malicious Activity In Socket Contract

PeckShield, a data analytics company, reported that the vulnerability arose from inadequate validation of user input. Those who had approved the vulnerable SocketGateway contract fell prey to the exploit. PeckShield revealed that the malicious gateway was incorporated three days before the exploit. During this period, users were advised to revoke all approvals associated with the “Socket: Gateway” address on Etherscan.

The impact of the breach extended beyond the initial fund depletion. According to a post on Socket, phishing scammers used a counterfeit Socket account to share a link leading to a malicious app. Users were then prompted to revoke their approvals using yet another malicious app.

Cross-chain bridges and interoperability protocols play a pivotal role in enabling interaction among decentralized protocols. Nevertheless, these bridges have become a principal target for malicious actors. Some of the most significant breaches in decentralized finance in recent years have occurred specifically within cross-chain bridges.
