Clipper: Attacked due to a vulnerability in the withdrawal function, rather than the "third-party" claim of private key leakage
ChainCatcher reports that the decentralized exchange (DEX) Clipper has clarified that a vulnerability in its withdrawal function led to the recent hack of its protocol, which resulted in a loss of $450,000, and that the cause was not a private key leak, as a "third party" had claimed.
Clipper stated: "On December 1, the attacker exploited two liquidity pools, locking approximately 6% of the total value. A third party claimed there was a private key leak issue. We can confirm that this is not the case and is inconsistent with Clipper's design and security architecture. The withdrawal function in the form of a token (bundled exchange + deposit/withdrawal transactions) has been disabled."
Previously, the co-founder of the security company Fuzzland posted on X that Clipper was "hacked due to an API vulnerability (such as private key leakage)," adding that the API might have vulnerabilities that allowed attackers to sign deposit and withdrawal requests and steal more funds than they deposited.