SushiSwap to Make Exploit Victims Whole

by Tony Mormile

The SushiSwap team is helping the victims of its April 9 exploit recover their funds.

Key Takeaways

  • SushiSwap was hacked on April 9.
  • Attackers were able to siphon funds directly from the wallets of recent users of the protocol.
  • SushiSwap is planning on helping victims recover their funds.

Victims of the SushiSwap exploit have a chance of getting their funds back, whether they were preemptively taken by white hat hackers, or stolen by malicious actors.

Returning User Funds

SushiSwap has a plan to make its users whole.

The Ethereum-based decentralized exchange indicated on Twitter today that users that were affected by the protocol’s attack last weekend would be able to recover their funds.

SushiSwap is a decentralized finance project that enables its users to trade cryptocurrencies without needing to rely on a third party. On April 9, a fault in the protocol’s RouteProcessor2 smart contract allowed an exploiter to siphon tokens from users who’d previously approved the faulty contract. 

It’s currently unclear how much was actually taken, as groups of white hat hackers quickly mobilized to pre-emptively siphon user funds in order to secure them from malicious parties. However, the attacker was able to steal at least 1,800 ETH (worth over $3.3 million at the time of the exploit) from a single SushiSwap user. 

According to SushiSwap, the faulty smart contract was only deployed “in the last ten days”, meaning that users that hadn’t interacted with the protocol since April 2 were not impacted by the exploit. The exchange’s team highly encouraged users to revoke protocol approvals in any case, as a “good security practice.”

SushiSwap indicated that users whose funds had been swept by white hat security teams would be able to claim their funds shortly. The exchange’s development team is currently building a Merkle Claim contract to which users will be able to connect their wallets in order to receive their funds.

Users whose funds were siphoned by attackers will need to submit an email to the SushiSwap security team including transaction IDs and blockchain data for the lost funds. The team indicated that the process would take longer to process as a manual verification of the data would be necessary. “Our goal is to return all user funds to legitimate claimants. We appreciate everyone’s patience and understand your frustration as we work through returning funds to affected users,” the protocol stated.

Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and several other crypto assets.

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

What Went Wrong at Sushi? Unpacking the DeFi Project’s Woes

Sushi CTO Joseph Delong has resigned from the project after reports of internal conflict. Delong’s resignation is the latest turn of events for the highly controversial project. Sushi CTO Resigns...

What Went Wrong at Sushi? Unpacking the DeFi Project’s Woes

Suspected Ethereum Exploit Drains Wallet of 121 ETH in Gas Fees

News Oct. 19, 2022

An ongoing exploit has led to more than $158,000 being extracted from an Ethereum user through an operation involving extremely high gas fees.  Gas Fees Gamed An Ethereum user appears...

Suspected Ethereum Exploit Drains Wallet of 121 ETH in Gas Fees

Rogue Mango Markets Trader Owns Up to $100M Exploit

Avraham Eisenberg has admitted that he and his team “operated a highly profitable trading strategy” on Mango Markets. Mango Markets $100M Exploiter Comes Clean The attacker behind the $100 million...

Rogue Mango Markets Trader Owns Up to $100M Exploit