- An attacker used a critical vulnerability in Alameda-backed ChainSwap.
- The attack caused a loss of millions of dollars.
- Of note, this is not the first time the platform has been hacked.
An attacker used a critical vulnerability in Alameda-backed ChainSwap. Alameda-backed ChainSwap is a platform that links Ethereum to Binance Smart Chain.
Last night, the platform fell victim to another attack. The attack caused a loss of millions of dollars, including from Jake Paul-backed Wilder Web.
The hacker took control of the projects’ BSC contracts by using ChainSwap. Further, he managed to mint tokens quickly to his address. Furthermore, he sold the token on PancakeSwap. PancakeSwap is BSC’s most popular decentralized exchange (DEX).
A developer at Wilder World, an Ethereum-based NFT startup backed by YouTuber Jake Paul first spotted the attack. He analyzed and noted that the attacker stole 20,000,000 Wilder World’s native tokens (WILD).
Moreover, ChainSwap also tweeted about the attack, urging users to not buy $ASAP as they are investigating the exploit.
Liquidity pulled temporarily, please do not buy $ASAP we are investigating the exploit
— ChainSwap ($ASAP) (@chain_swap) July 10, 2021
Furthermore, the team noted,
“The ChainSwap team has frozen the BSC mapping token address to filter out the hackers’ addresses. Balances might temporarily show 0 until we are done filtering. Smart contracts are affected, not the wallets that interact with ChainSwap. Funds from individual wallets are safe.”
Of note, this is not the first time hackers attack the platform. On July 2, the platform incited $800,000 in losses after an attacker exploited another vulnerability in its system.