BTC-Newswire

Socket recovers $2.3 million in ETH after bridge protocol exploit

Press Releases Crypto News CryptoBriefing Socket recovers $2.3 million in ETH after bridge protocol exploit

Socket, a cross-chain interoperability protocol, has released information on its recovery of 1,032 ether (ETH) following last week’s incident where its Bungee bridge protocol was exploited. The recovered funds represent roughly $2.3 million worth in ETH, with the damage from the exploit estimated at $3.3 million.

https://twitter.com/SocketDotTech/status/1749734794320363802

The exploit occurred on January 16th and affected wallets with infinite approvals to Socket contracts. Socket paused the affected contracts in response, though at least $3.3 million was initially stolen, according to blockchain security firm PeckShield.

PeckShield said the exploit resulted from “incomplete validation of user input, which is exploited to steal funds from users who have approved the vulnerable SocketGateway contract.” The security firm added that the route exploited was added three days prior and has now been disabled.

According to analysis from The Block research director Steven Zheng, the attacker exploited over-approvals on the Socket platform, draining assets up to each user’s approved limit. Users would have had to proactively revoke approvals to prevent the loss of these unused allowances. Zheng said the attack essentially took advantage of pre-approved balances that never bridged. Users could have avoided being exploited by revoking allowances or removing unused approvals.

While the amount stolen has yet to be recovered, Socket’s ability to reclaim over $2 million worth of ether demonstrates that exploits on bridge protocols may only sometimes result in permanent losses.

Socket has promised to release a recovery and distribution plan for its users.

The crypto industry is rife with exploits, and as it continues to deal with protocol-level vulnerabilities,

Go to Source to See Full Article
Author: Vince Dioquino

Did you like this?
Tip BTC Newswire with Cryptocurrency