Yesterday, a supply chain attack against Sushi’s token launch platform MISO drained 864.8 ETH from the ‘Jay Pegs Auto Mart’ token auction contract.
Sushi’s CTO Joseph Delong initially discovered the flaw on September 17th. When he tweeted a link to the transaction that emptied the cash from the protocol.
Sushi and MISO have a tough day, while token holders have a good time.
According to Delong, malicious code was injected into the MISO front end. Which replaced the original contract for the Jay pegs Auto Mart token auction with a personal Ethereum address. The address has received a total of 864.8 ETH, although the exploit has not affected any other auctions.
Sushi had “reasons to think” the attacker was eratos1122. A pseudonymous engineer who worked with Sushi and other DeFi projects including Yearn. Finance, according to a series of since-deleted tweets from Delong. He submitted a document that showed a trail of transactions traced back to the hacker’s original address. Some of which were backed by Binance and FTX.
Along with the document, an ultimatum was placed. That threatened the hacker with legal action if the money was not returned soon.
The hacker refunded 865 ETH to the original MISO contract just a few hours afterwards. The hacker’s address was almost completely empty, according to Etherscan data, and Delong himself confirmed the news on Twitter.
It has still not been determined who the assailant was in the hours since the money was returned. Delong’s original tweets accusing the former MISO developer of being a liar have been removed. The person he accused of theft threatened to release some of the MISO code he was working on. Incase
he didn’t receive an apology from Sushi and Delong. And while ma
Sushi and Delong were chastised by several members of the crypto community for their handling of the incident. Because the protocol was largely created by anonymous engineers. Which points fingers and doing without a thorough inquiry has tarnished Sushi’s image.
Repeated instances of theft
The constant happening of such hacking incidents drags the security system of these crypto exchanges into a balustrade of questions. But a bigger question is what do these hackers want to prove? That it is way too easy to breach any security system across the crypto world? Because certainly, the hacks are not meant to steal anything at all. The past incidents too are the proofs of the same.
What is your view on these breaches?? Let us know in the comment section below.
