Socket: A Cross-Chain Infrastructure Protocol Exploited, Resulting in a $3.3 Million Theft
On January 16th, Socket, an infrastructure protocol used in many Web3 applications, fell victim to an attack that exploited infinite contract approvals, resulting in a loss of $3.3 million. In response, Socket’s team urgently announced the suspension of affected contracts to limit the damage.
The Attack Details
Blockchain analyst Spreekaway reported the incident, explaining that the hacker used a token approval from an Ethereum address ending in 97a5 to carry out the exploit. Spreekaway advised users to revoke all approvals from this address, identified as ‘Socket: Gateway’ on Etherscan. Socket assured that they had suspended the contracts and stated that users have nothing to worry about.
Beware of Phishing Scams
Scammers are taking advantage of the chaos to trap new victims. A fake Socket account posted a link to a malicious application, urging users to revoke their approvals via another malicious app. The fake account, named @SocketDctTech instead of @SocketDocTech, was quickly removed from the platform.
Dune Analytics user Beetle created a dashboard to track all the losses related to the attack.
The Hacker’s Cruel Joke
The hacker didn’t stop at the $3.3 million stolen and took advantage of the recent rise in points and rewards systems launched by many DeFi protocols.
Through an on-chain message, the hacker proposed accumulating points by refusing to revoke blockchain approvals and earning even more points by sharing a referral link…