An attacker used a supply-chain attack to steal $3 million worth of cryptocurrency from SushiSwap's MISO platform by planting malicious code in Sushi's private GitHub repository.

The storyline

According to researchers, the attacker was an anonymous contractor working on Sushi’s code repository.
  • The attacker made a single malicious code commit to Sushi's private GitHub repository (miso-studio), which led to the theft of 864.8 Ethereum tokens (worth $3 million).
  • The stolen amount was being transferred by an automobile company through MISO's auction portal.
  • In a surprising twist, just a few hours after the hack, the balance of the attacker's $3 million wallet started to drop. The amount was deposited back into SushiSwap's cryptocurrency reserve in chunks of 65 ETH, 100 ETH, and 700 ETH.
  • It was revealed that the attacker returned the entire amount to the firm within a single day. Experts noted, however, that this may not be the outcome every time.

After the incident, the victim firm strengthened its defenses against supply chain threats.

Recent supply chain attacks

  • According to Sonatype's report, software supply chain attacks on crypto exchanges are growing. The report attributes the significant increase in supply-chain attacks to the exploitation of vulnerabilities in these platforms.
  • Recently, pNetwork (a cross-chain decentralized finance protocol) suffered an attack that resulted in the loss of 277 pBTC. The stolen cryptocurrency is worth over $12 million at present prices.
  • Last month, around $611 million worth of cryptocurrency was stolen from a decentralized cross-chain protocol and network. The targeted firm was identified as Poly Network.

Conclusion

Supply chain attacks on cryptocurrency exchanges are becoming more frequent. The SushiSwap incident highlights that a small gap in the pull request or code review process can lead to severe consequences. Organizations must take the utmost precaution to avoid DevSecOps incidents.

Cyware Publisher