Socket cross-chain protocol breached, $3.3m in funds stolen

Fraudsters have breached the security system of the Socket cross-chain protocol.

A security breach of the Socket protocol has led to the loss of millions in crypto after a hacker made use of a verification user input to steal users funds.

Information about the hack appeared on the project’s microblog.

“Socket has experienced a security incident that affected wallets with infinite approvals to Socket contracts. We have identified the issue & have paused the affected contracts.”

Socket team

PeckShield confirmed that at least $3.3 million was affected. They noted that the hack occurred due to incomplete verification of user input, which is used to steal funds from users who approved the vulnerable SocketGateway contract on the site.

After discovering the problem, the developers suspended the protocol. As of the time of writing this review, Socket is working.

The developers reported fixing the intelligent contracts that led to the exploit. The project team promised to return funds to all victims.

Since the beginning of the year, the cryptocurrency industry has already faced several security incidents. In early January, the Radiant Capital Lending Protocol was hacked for 1,900 ETH worth about $4.5 million. PeckShield explained that the attackers took advantage of the time window that appears during the activation of a new lending market.

Orbit Bridge, a gateway bridge protocol, also experienced an unusual outflow of $81.5 million across multiple cryptocurrencies as a result of a major hack.