Unibot Security Exploit, Hacker Swaps $560K Tokens For ETH

Unibot Security Exploit, Hacker Swaps $560K Tokens For ETH

According to recent data, Team Unibot, a trading bot that facilitates the buying and selling tokens on Uniswap V3 by DeFi users directly from their Telegram apps, appears to have been exploited. Furthermore, the hacker seems to have transferred meme coins from Unibot users, exchanging them for ETH, as of writing. Notably, the current value of the tokens exploited amounts to $560K.

What’s More?

The wallet address making these transfers, 0x413e4fb75c300b92fec12d7c44e4c0b4faab4d04, has a total account balance of $583,762. Moreover, the wallet address has been inactive most of the time, with the recent jump in transfers dated October 31, 2023. In response to the hacking reports, the price of the cryptocurrency trading bot token, UNIBOT, plummeted by more than 40%.

According to a Beosin Alert, the hack’s underlying issue is a CALL injection, which allows an attacker to send malicious call data to the 0xb2bd16ab() method to move tokens approved for Unibot contracts.

In addition to this, the exploiter seems to have been receiving 1ETH gas from FixFloat, a cryptocurrency exchange facilitating superfast transactions. According to Etherscan information, the exploiter is transferring users’ cryptocurrencies and exchanging them for Ethereum (ETH).

Also Read: Chainlink Price Shoots 6% With Ascending Triangle Breakout, Next LINK Target At $15?

Unibot Issues Advisory For Users

According to a statement released by Unibot, the team witnessed a token approval exploit from their new router resulting in the stoppage in the usage of that router. The team justified this decision by emphasizing the curbing of damages caused.

Moreover, the organization stated that any funds lost due to bugs on their new router must be compensated, and the remaining keys and wallets belonging to users are completely safe. A detailed report will be released soon after the investigation is completed.

The firm advises its users to check and revoke any approvals for the contract 0x126c9FbaB3A2FCA24eDfd17322E71a5e36E91865 and transfer funds to a new wallet ASAP.

As of writing, it is known that the exploiter’s contract was deployed 2 days ago by the Unibot team. Moreover, the exploiter was funded around five months ago, following the launch of Unibot, by fixfloat, a crypto mixer.

Meanwhile, the Unibot price slumped 24.58% to $43.13 during writing today, while its volume over the past 24 hours rocketed 927.29% to $37.12 million.

Also Read: Bittrex Gains Court Nod For Bankruptcy Plan, What’s Next?

✓ Share:

CoinGape comprises an experienced team of native content writers and editors working round the clock to cover news globally and present news as a fact rather than an opinion. CoinGape writers and reporters contributed to this article.

The presented content may include the personal opinion of the author and is subject to market condition. Do your market research before investing in cryptocurrencies. The author or the publication does not hold any responsibility for your personal financial loss.


Leave a Reply

Your email address will not be published. Required fields are marked *

error: Content is protected !!