ParaSwap, a decentralized finance aggregator, has successfully addressed a critical vulnerability in its recently launched smart contract called Augustus v6. As a result, the platform has started returning crypto assets to its users. The team at ParaSwap posted an update on March 24, stating that they have returned all assets to the wallets that were recovered by white hat hackers. They have also revoked permissions to the flawed contract.
Despite these efforts, there are still 213 addresses that have not yet revoked allowances to the flawed contract. Revoking allowances essentially disables the smart contract’s functionality on the blockchain, preventing it from accessing users’ wallets and tokens. ParaSwap is strongly urging these addresses to take the necessary steps to revoke their allowances to protect their assets.
Last week, ParaSwap discovered the vulnerability in the Augustus v6 smart contract. Fortunately, white hat hackers intervened promptly and prevented a significant loss of assets from the platform. In a separate update, ParaSwap mentioned that they have submitted a comprehensive report to the appropriate authorities, initiating an investigation into the stolen funds.
To assist in the recovery process, ParaSwap is collaborating with blockchain analytics and security firms Chainalysis and TRM Labs. They are actively working to identify the hacker addresses and trace the movement of the stolen funds. The team has also contacted the hacker addresses through on-chain messaging, requesting the return of the stolen user funds. If there is no response from the hacker by March 27, ParaSwap stated that they will assume the funds were illegally appropriated and will take legal action to recover them.
Initially, the losses were reported to be small, with the hackers managing to steal only $24,000 before the vulnerability was discovered. The vulnerability in the Augustus v6 smart contract was detected by ParaSwap on March 20, just a few days after its launch on March 18. The platform took immediate action by pausing the application programming interface (API) and securing the funds through a white hat hack.
ParaSwap is dedicated to ensuring the security and integrity of its platform. By addressing the vulnerability and actively working to recover stolen funds, they are demonstrating their commitment to protecting their users’ assets. Users are advised to revoke their allowances to the flawed contract to mitigate any potential risks.
