A supply chain attack hit SushiSwap’s token platform MISO, according to CTO Joseph Delong. The attacker stole almost $3 million in Ethereum, according to early estimates.
Miso's front-end has become a victim of an attack on the supply chain. An anonymous performer nicknamed GH AristoK3 injected malicious code into miso's frontend. We have reason to believe that this is @eratos1122.
An unauthorized contractor, who goes by the GitHub handle AristoK3, inserted malicious code into the website’s front-end. In this manner, he was able to use one NFT auction – which was centered on Jay Pegs Auto Mart vehicles. Delong has confirmed that all inaccuracies in the listings have been corrected.
MISO, an open-source collection of smart contracts, was developed to assist in releasing new projects on the SushiSwap market. Even though it’s new, this DEX is already huge. Nearly $700 million worth of trades happens in a day.
The culprit seems to have stolen 865.1 ETH tokens from the Ethereum address given by Delong, to which the money was transferred. At today’s values, this sum is worth more than $3 million.
Additionally, SushiSwap’s chief technology officer said that the team has reached out to FTX and Binance to get KYC information, but that so far, the two exchanges have refused to cooperate “on this sensitive matter.” Delong reportedly cautioned that if the money were not returned by 8 a.m. the next morning, the team ordered the lawyer to file an IC3 complaint with the FBI on their behalf.
Nonetheless, it’s essential to note that SushiSwap’s native token saw a drop of more than 9 percent in the hours after its security incident.