Socket Retrieves $2.3M in ETH Following Bungee Bridge Exploit

cryptonews.com:

Interoperable blockchain network Socket has announced the retrieval of 1,032 Ether tokens worth $2.3 million.

Announcing this development on X (formerly Twitter), the protocol revealed that these digital funds were linked to the January 16 Bungee Bridge exploit, which resulted in the theft of millions of dollars.

FUND RECOVERY UPDATE

We have successfully recovered 1032 ETH from the funds involved in the incident on 16th Jan.

We will release a recovery & distribution plan for users soon.

Big shoutout to everyone who helped us from Seal911, Slowmist, Hexagate, & others:@samczsun…

— Socket (@SocketDotTech) January 23, 2024

The Socket team has affirmed its commitment to releasing a comprehensive recovery and distribution plan for affected users in the near future.

The cyberattack was initially flagged by a user on X, @spreekway, who noted that significant amounts of money had been siphoned off through the Socket/Bungee bridge exploit.

Socket/Bungee approval being exploited rn. several million already gone. attack is ongoing pic.twitter.com/8C25GBPeuo

— Spreek (@spreekaway) January 16, 2024

Providing additional details about the cyberattack, the interoperability protocol explained that it impacted crypto wallets with infinite approvals to its smart contracts.

Meanwhile, blockchain security analytics firm Peckshield documented the incident, estimating the overall loss to be around $3.3 million.

Peckshield also disclosed that the malicious route exploited by the actor was added three days prior, and the Socket protocol has since taken measures to deactivate it.

Delving deeper into the details, the analytics firm noted that the success of the bad actor was largely due to incomplete validation of user input.

Today's hack on @SocketDotTech