The decentralized crypto exchange Clipper (DEX) has been hit by a hack in which $450,000 was stolen. The attack was made possible by a vulnerability in the platform’s recording function. Clipper emphasizes that there was no leak in the private key, as previously suggested by third parties.
What happened?
On December 1, Clipper discovered that two liquidity pools had been exploited. The hacker managed to steal approximately 6% of the total locked value. The remaining pools remained unaffected, and the vulnerability has now been resolved.
The withdrawal function, which allowed withdrawals in the form of a single token via a combined swap and deposit/withdrawal transaction, turned out to be the weak spot. Clipper immediately disabled this feature to prevent a recurrence.
Response to allegations
Previously, Chaofan Shou, co-founder of security firm Fuzzland, suggested that the hack was due to an API vulnerability, similar to a private key leak. Clipper refuted this claim, emphasizing that the platform’s design and security architecture preclude such a scenario.
What now?
Clipper has temporarily paused swaps and deposits to investigate the incident. Withdrawals remain possible, but must take place within the balance of the pool. The team behind Clipper is working to trace the stolen funds and has called on the hacker to contact them for consultation.
Despite this recent hack, the total number of crypto thefts in 2024 remains lower than last year. Total losses through the end of November amounted to $1.48 billion, down 15% from the same period in 2023, according to a report from Immunefi.
Responses are not forthcoming
Shipyard Software Inc., the company behind Clipper, has not yet responded to requests for comment. Shou also provided no further explanation. Clipper has assured users that it is thoroughly investigating the matter and will continue to update on its progress.
Claim €10 free and have a chance to win €200 in Sui (SUI)!
Grab this unique opportunity with Newsbit and Bitvavo! Create an account now via the button below, deposit €10 and immediately receive €10 free. But that’s not all: by trading at least €200 between December 2 and 8, you automatically have a chance to win as much as €200 in Sui (SUI). This promotion is valid for both new and existing customers!
Claim your €10 free, have a chance to win €200 in Sui (SUI)
Don’t miss this opportunity to immediately benefit from the growing popularity of Crypto!
Source: https://newsbit.nl/decentrale-beurs-clipper-gehackt-450-000-buitgemaakt-door-kwetsbaarheid/
