$560,000 Unibot hack brought down the price of the token by more than 40%

Carding 4 Carders

Attackers hacked a popular Telegram bot used to track transactions on the Uniswap decentralized exchange. Losses are estimated at $560,000.

The project team has already confirmed the hack and suspended the operation of the platform.

"We encountered an exploit on our new router and suspended its operation to fix the problem. Any funds lost due to an error on our new router will be refunded. Your keys and wallets are safe," the team assured.

We experienced a token approval exploit from our new router and have paused our router to contain the issue.

Any funds lost due to the bug on our new router will be compensated. Your keys and wallets are safe.

We will release a detailed response after investigations conclude.
— Unibot (@TeamUnibot) October 31, 2023

The company promised to publish a detailed response after the investigation is completed. Following news of the hack, the value of the native UNIBOT token fell by more than 40%.

A blockchain investigator who goes by the name Arhat outlined the alleged scheme for hacking Unibot. The attackers wrote pseudocode to exploit the Unibot contract, which allowed them to bypass balance checks and drain funds through repeated transferFrom calls.

Allowed to Drain? A Devious Exploit Bypassed Unibot's Balance Checks and Made Off With 300+ ETH

More than 300 ETH was exploited from @TeamUnibot users. More than $500k, at least at the time of writing this.

The hacker wrote a pseudocode to exploit the Unibot contract.

Read… https://t.co/Ns7bm6RYuP
— Arhat (@0xArhat) October 31, 2023

Beosin experts also pointed out that the attacker made changes to the bot code.

#Unibot exploited
Hacker: https://t.co/vSnl9xNmBD

The root cause is call injection, where an attacker can pass custom malicious calldata into the 0xb2bd16ab() method to transfer tokens approved to Unibot contracts.

Users need to revoke approval for… https://t.co/7PYJVwO6Ga
— Beosin Alert (@BeosinAlert) October 31, 2023

Previously, unknown attackers hit Maestro, the largest Telegram bot used for trading cryptocurrencies. The damage amounted to 280 ether ($500,000).
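
The call injection Beosin describes for Unibot works because a router holds token approvals from many users and forwards calldata chosen by the caller. The Python guard below is an added example (not Unibot's code and not part of the original post) showing the check such a router needs before forwarding; the function names, verdict strings and sample addresses are assumptions, and the argument layout of 0xb2bd16ab() is not modelled.

```python
# Added example: guard for a router that forwards caller-supplied calldata.
# Assumption: the inner calldata is already extracted from the outer call; the
# argument layout of Unibot's 0xb2bd16ab() method is not on the page.

TRANSFER_FROM = bytes.fromhex("23b872dd")  # transferFrom(address,address,uint256)


def _address(word: bytes) -> str:
    """Decode a 32-byte ABI word holding a left-padded 20-byte address."""
    if len(word) != 32 or any(word[:12]):
        raise ValueError("not a canonical ABI-encoded address")
    return "0x" + word[12:].hex()


def check_forwarded_call(caller: str, inner: bytes) -> str:
    """Return "ok", "reject" (spends another user's allowance),
    "malformed", or "unchecked" (not a transferFrom call)."""
    if len(inner) < 4:
        return "malformed"
    if inner[:4] != TRANSFER_FROM:
        return "unchecked"  # this guard only covers transferFrom
    args = inner[4:]
    if len(args) != 96:  # exactly three 32-byte words: from, to, amount
        return "malformed"
    try:
        owner = _address(args[0:32])
        _address(args[32:64])  # recipient must be canonical too
    except ValueError:
        return "malformed"
    # The router holds allowances from many users; it may spend only the caller's.
    return "ok" if owner == caller.lower() else "reject"


def encode_transfer_from(owner: str, to: str, amount: int) -> bytes:
    """Build transferFrom calldata for the constructed samples below."""
    word = lambda addr: bytes(12) + bytes.fromhex(addr[2:])
    return TRANSFER_FROM + word(owner) + word(to) + amount.to_bytes(32, "big")


# Constructed addresses, not taken from the incident.
USER = "0x" + "11" * 20
VICTIM = "0x" + "22" * 20
OTHER = "0x" + "33" * 20

if __name__ == "__main__":
    print(check_forwarded_call(USER, encode_transfer_from(USER, OTHER, 10)))
    print(check_forwarded_call(OTHER, encode_transfer_from(VICTIM, OTHER, 10)))
```

A production router would go further and forward only to an allowlist of targets and selectors; this guard isolates the one condition the incident turned on.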