bitcoin
bitcoin

$71990.68 USD 

0.33%

ethereum
ethereum

$2694.92 USD 

2.53%

tether
tether

$0.999687 USD 

0.01%

bnb
bnb

$597.44 USD 

-1.48%

solana
solana

$174.14 USD 

-3.03%

usd-coin
usd-coin

$0.999937 USD 

-0.01%

xrp
xrp

$0.522528 USD 

-0.34%

dogecoin
dogecoin

$0.166008 USD 

-1.51%

tron
tron

$0.168618 USD 

1.79%

toncoin
toncoin

$4.99 USD 

-0.81%

cardano
cardano

$0.353730 USD 

1.76%

shiba-inu
shiba-inu

$0.000018 USD 

-2.10%

avalanche
avalanche

$26.15 USD 

-1.22%

chainlink
chainlink

$12.20 USD 

6.23%

bitcoin-cash
bitcoin-cash

$371.36 USD 

-2.91%

Cryptocurrency News Articles

Super Sushi Samurai Heist: Inside Job Suspected?

Mar 23, 2024 at 03:24 am

Super Sushi Samurai, a blockchain game built on Blast, was compromised hours before its launch due to a smart contract exploit. Exploiting the mint function, the attacker created excessive tokens, sold them on the liquidity pool, and made away with $4.6 million. The team and Certik have confirmed the exploit and are working with a white hat hacker to recover the funds and safeguard users.

Super Sushi Samurai Heist: Inside Job Suspected?

Was Super Sushi Samurai's Exploit an Inside Job?

Super Sushi Samurai (SSS), a blockchain game built on the Blast Layer-2 solution, was compromised just before its highly anticipated launch. The exploit, reportedly orchestrated by a white hat hacker, resulted in the loss of $4.6 million due to a bug in the game's smart contract code.

Smart Contract Bug Exploited

According to SSS, the exploit was caused by a bug that enabled an unauthorized party to initiate an infinite mint function. This resulted in the creation of an excessive number of tokens, which were subsequently sold into the liquidity pool, causing a 99% token value slippage.

CertiK, an on-chain security firm, confirmed that $4.6 million worth of tokens were affected, with the attacker managing to extract 1310 ETH from the token's liquidity pool.

Investigations Reveal Unauthorized Token Acquisition

Investigations revealed that the attacker acquired 690 million SSS tokens and used an attack contract to initiate a series of transactions. By exploiting a vulnerability in the platform's update function, the attacker duplicated the tokens in their possession 25 times, resulting in a total of 11.5 trillion tokens, which were then exchanged for approximately 1,310 ETH.

Recovery Efforts Underway

SSS has been in active communication with its community, providing updates through Telegram and other social media platforms. In a public post, SSS revealed that the exploit was conducted by a white hat hacker who is currently collaborating with the SSS team. The hacker indicated that their intention was to protect users and that plans for reimbursing affected users are in progress.

SSS has also disclosed the address containing the compromised funds and is working with the white hat hacker to ensure the safe return of assets.

Post-Mortem Analysis

SSS has published a "post-mortem" update outlining the extent of the damage. Negotiations are ongoing to reach a resolution that safeguards both users and the white hat hacker involved.

Unanswered Questions

While SSS has provided some details about the exploit, several questions remain unanswered:

  • Why was the smart contract vulnerable to this type of attack?
  • Was the white hat hacker acting alone or in collusion with others?
  • How will SSS prevent similar incidents in the future?

As more information becomes available, we will keep you updated on this developing story. In the meantime, investors should remain vigilant and take appropriate precautions to protect their assets when participating in blockchain-based games or investing in digital assets.

Disclaimer:info@kdj.com

The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!

If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.

Other articles published on Oct 30, 2024