Crypto game exploited for $4.6M, hacker claims to be white-hat | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Food-themed crypto game Super Sushi Samurai was exploited for approximately $4.6 million today, though it appears to have been a white-hat operation.

The project’s token, SSS, contained a vulnerability within its contract that allowed for duplicating balances when making a transfer between the same ‘to’ and ‘from’ address.

At the time of writing, the proceeds, 1,310 Wrapped Ether (WETH) worth $4.6 million, remain in the exploiter’s address.

Read more: Ethereum’s Dencun causes ‘Blast’ layer 2 outage

Super Sushi Samurai had gone live just hours earlier on Blast, the controversial Ethereum layer-2 network, with the SSS token launched on March 17. The project had previously been runner-up in Blast’s recent Big Bang contest.

The project’s team confirmed the hack, known as an ‘infinite mint’ attack, stating “Tokens were minted and sold into the LP.” As a result, the token’s value dropped over 99%, according to data from CoinMarketCap.

Just over a month ago, the same vulnerability was used to hack another token, MINER. Despite this, an audit of the token contract by Verichains failed to pick up the bug.

Read more: Critics decry Blast as the latest sketchy scheme on Ethereum

Luckily, however, the attack appears to have been conducted by a white-hat hacker to rescue at-risk funds. The team was informed via an on-chain message sent by the hacker shortly after the alarm was raised.

Blast’s use of a FOMO-inducing points campaign and VC-backing to draw enormous total value locked (TVL) attracted plenty of criticism when it was first announced. Skeptics noted the fact that the project’s ‘bridge’ was nothing more than a multisig wallet, while the network itself had yet to be built.

Got a tip? Send us an email or ProtonMail. For more informed news, follow us on XInstagramBluesky, and Google News, or subscribe to our YouTube channel.


Click Here For The Original Story From This Source.


National Cyber Security