Claim BonusSushiSwap Falls Prey to ‘Scavanger’ Attack as Hacker Turns 0.001 ETH to 81.68 ETH
SushiSwap, a popular DEX protocol was at the receiving end of what many called another Rug Pull attack, via Badger DAO token DIGG. The transaction that caught everyone’s eye was attempting to convert 0.05% of the DIGG/WBTC swap fees (for ~24hrs) through a DIGG/ETH pool with little liquidity and suffering high slippage, resulting in outsized fees for the liquidity providers of the DIGG/ETH pool.
The attacker exploited a loophole of a low liquidity pool with non-eth pair where the trading fee which was supposed to go to the stakers on the network went to the attacker instead. The attacker used the loophole to create a new pair with a low liquidity pool resulting in a high transaction fee, and that fee was taken away by the exploiter in absence of a bridge that would send the fee to the stakers.
Fortunately, no underlying LP or xSUSHI positions were affected, only the earnings for the affected asset (0.05% fees for DIGG/WBTC swaps – 81 ETH) from the previous day were lost.
A bridge has been set up for DIGG through the maker contract to resolve this issue for xSUSHI participants. This bridge is also included in SushiMaker.
A Major Mishap or a Minor Loophole?
A defi expert on Twitter revealed that the attack was not a major setback or even a rug pull, rather more of a scavenger hunt
Old loopholes opened up give a hacker a small reward.
24 hours of DIGG/WBTC swap fees snatched by an opportunist.
It ain't much, but is it honest work?
We spoke to the @SushiSwap team to find out what went wrong.https://t.co/mSTTXTtarg
— rekt (@RektHQ) January 26, 2021
He explained,
After researching further, we found that although there had been an exploit, the damage had already been contained, and what had been perceived as a threat to the entire SushiSwap protocol was simply a smart scavenger picking up food that had been left behind.
What many perceive to be another attack on the whole network turned out to be a minor mistake on the Sushi team who now have contained the problem and filled the loophole by creating the bridge for Dthe IGG token.
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more… to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
Delivered every day.
- Insights that move markets
- 100,000 active subscribers
Related Articles
- OpenAI Introduces Smart Contract Benchmark for AI Agents as AI and Crypto Converge
- Goldman Sachs CEO Discloses Bitcoin Stake, Backs Regulatory Push Amid Industry Standoff
- FOMC Minutes Signal Fed Largely Divided Over Rate Cuts, Bitcoin Falls
- BitMine Adds 20,000 ETH As Staked Ethereum Surpasses Half Of Total Supply
- Wells Fargo Predicts Bitcoin Rally on $150 Billion ‘YOLO Trade’ Inflow
- BMNR Stock Outlook: BitMine Price Eyes Rebound Amid ARK Invest, BlackRock, Morgan Stanley Buying
- Why Shiba Inu Price Is Not Rising?
- How XRP Price Will React as Franklin Templeton’s XRPZ ETF Gains Momentum
- Will Sui Price Rally Ahead of Grayscale’s $GSUI ETF Launch Tomorrow?
- Why Pi Network Price Could Skyrocket to $0.20 This Week
- Pi Network Price Beats Bitcoin, Ethereum, XRP as Upgrades and Potential CEX Listing Fuels Demand
