Telegram chatbot Unibot has lost around $640,000 worth of digital assets after a hacker managed to exploit a vulnerability in the newly deployed contract. The team behind the protocol said that it is currently investigating the issue and will soon release a detailed response.
PeckShield reported that the attacker transferred the pilfered cryptocurrency to Uniswap, after which it was subsequently routed to the controversial crypto mixer, Tornado Cash.
- Lookonchain advised Unibot to move funds to other wallets or revoke approvals of the contract as soon as possible.
- Unibot confirmed the token approval exploit from its new router and revealed pausing it to contain the issue.
- The protocol also assured its users that any funds lost due to the bug on its new router will be compensated while adding that user keys and wallets remain safe.
#PeckShieldAlert #Unibot Exploiter #1 has swapped the stolen coins for ~355.75 $ETH (worth ~$640K) and laundered them via #TornadoCash pic.twitter.com/P14n9Qip10
— PeckShieldAlert (@PeckShieldAlert) October 31, 2023
- Nearly $332 million in various digital assets were lost to exploits, hacks, and scams in September, according to blockchain security firm CertiK.
- The latest exploit comes days after a similar incident hit Maestrobots, a group of cryptocurrency bots on the Telegram messenger app, on October 24th.
- The attackers targeted MaestroRouter on the ETH mainnet and drained 280 ETH worth around $485,000 at the time of the hack.
- The team quickly identified the attack and removed the exploit. Subsequently, the users were reimbursed a day later.