A brand new contract deployed on Oct. 29 by Unibot, a well-liked Telegram bot used to snipe trades on the decentralized alternate Uniswap, was reportedly exploited for roughly $560,000 in varied memecoins from customers.
On Oct. 31, blockchain safety agency Scopescan alerted Unibot customers about an ongoing hack on Unibot that went undetected. An exploit on a newly deployed contract by Unibot drained the crypto holdings of a number of customers.
.@TeamUnibot appears exploited, the exploiter transfers memecooins from #unibot customers and is exchanging them for the $ETH proper now.
The present exploit measurement is ~$560K
Exploiter handle:https://t.co/ysyTmgUAit pic.twitter.com/MF85Fdk892
— Scopescan ( . ) (@0xScopescan) October 31, 2023
Unibot later confirmed the hack by revealing preliminary particulars:
“We skilled a token approval exploit from our new router and have paused our router to include the difficulty.”
Amid ongoing investigations from Unibot and blockchain investigators, Scopescan suggested customers to revoke the approvals for the exploited contract (0x126c9FbaB3A2FCA24eDfd17322E71a5e36E91865) and transfer the funds to a brand new pockets.
The hacker is within the means of changing the stolen memecoins into Ether (ETH), blockchain information from Scopescan reveals.
As seen above, the market reacted negatively to the event because the UNIBOT token witnessed a right away 42.7% drop in its value in a single hour — from $57.56 to $32.94. Nonetheless, the token’s value is making a restoration try on the time of writing.
We skilled a token approval exploit from our new router and have paused our router to include the difficulty.
Any funds misplaced as a result of bug on our new router shall be compensated. Your keys and wallets are protected.
We are going to launch an in depth response after investigations conclude.
— Unibot (@TeamUnibot) October 31, 2023
Unibot dedicated to compensating all customers who misplaced funds as a result of contract exploit. Weekly transaction information reveals that cryptocurrencies similar to Joe (JOE), UNIBOT and BeerusCat (BCAT) represented a serious a part of the loot.
Cointelegraph additionally discovered from Scopescan that the handle 0x835B, which is equivalent to the exploited handle, was deployed and is getting used to obtain tokens from unsuspecting victims.
Unibot has not but responded to Cointelegraph’s request for remark.
Associated: Telegram crypto bots achieve momentum available in the market: Binance Analysis
An analogous contract exploit not too long ago drained 280 ETH from customers of Maestrobots, a gaggle of cryptocurrency bots on the Telegram Messenger app.
Within the following days, Maestrobots paid a complete of 610 ETH from its personal income to cowl all of the person losses whereas citing an absence of liquidity to purchase again the misplaced tokens:
“So we compensated affected customers with the ETH equal of their tokens, and boosted that quantity by 20% since you deserve it. These refunds value 334 ETH.”
Blockchain safety agency CertiK confirmed to Cointelegraph that it has been capable of detect the transactions exhibiting the 334 ETH compensation paid out to customers from Maestro.
Journal: Ethereum restaking: Blockchain innovation or harmful home of playing cards?
