RocketSwap On BASE Became The New Victim Of An Attack
According to the initial announcement, the platform detected a strong attack on the server due to the proxy contract used for the farm contract, which has many high-risk rights resulting in the transfer of the farm’s assets.
As a result of the team’s investigation
We are sorry to inform you that the team needed to use offline signatures when deploying the launchpad and put the private keys on the server.
A brute force hack of the server was detected, and due to the proxy contract used for the farm…
— RocketSwap (@RocketSwap_Labs) August 14, 2023
The reason is that the hacker used brute force – mixing characters to form a valid password to take control of the platform. The team worked to close the farm to prevent further damage. The group is currently working on an emergency plan, and the Telegram group has been banned for now.
All the RCKTs in the farming/staking pool were hacked and swapped into WETH. However, the announcement states that the loss of farm assets is only a concern, other than that the DEX is not affected in any way. Specific damage has yet to be determined.
Recently, the platform has updated the immediate solution:
- Re-implement the new farm contract by dropping the authorization contract and open-sourced it on-chain.
- The new farm will advance the plan to reduce production by 0.075 per block. 3. The pool gives up mining rights and retains low-risk rights for new pool allocation.
- Initial liquidity is locked and 80,000 tokens will be renewed for 1 year.
- The team will continue to roll out LaunchPad, with further updates planned.
- Telegram groups will be reopened after stabilization.
- Calling the hacker to return the property to the victim.
The RCKT token has been continuously plunging following the news and has plummeted over 55% in the past 24 hours.
24h RCKT price chart. Source: CoinMarketcap
This is not the first time Coinbase’s layer 2 implementations have been hacked. Earlier, LeetSwap, a decentralized exchange, halted trading to investigate a mining incident that cost liquidity providers 340 ETH.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.