RocketSwap Labs unveiled its comprehensive strategy following a significant breach that led to the loss of 471 Ether, equivalent to $865,000, on August 14.
Immediate Response to the Attack
On August 15, the team shared a robust plan of action. Their main steps include launching a new farm contract, which will be transparently available on-chain. They also highlighted their intention to renounce the minting rights, presumably of the RCKT tokens. Furthermore, an official request will soon be made, urging the perpetrators to return the stolen assets.
Blockchain security company, PeckShield, reported that on August 14, a malicious actor made away with approximately 471 ETH. This was moved from Base to the Ethereum network. That wasn’t the end.
The hacker then produced a staggering 90 trillion “LoveRCKT” tokens. A bulk of them and 400 ETH were subsequently moved to Uniswap. This incident was verified by RocketSwap Labs at precisely 11:06 UTC on the same day. Further insights about this breach were provided by PeckShield and another blockchain security enterprise, CertiK, in the following hours.
Root Cause Analysis
RocketSwap Labs attributed the exploit to a brute force offensive against their server. Their statement read, “A brute force hack of the server was detected. Due to the proxy contract linked to our farm contract, multiple high-risk permissions became vulnerable. This resulted in the unauthorized transfer of the farm’s assets. Immediate steps were taken to shut down the farm and halt further potential risks.”
RocketSwap operates as a decentralized exchange on the Base platform. It harbors an ambitious vision: transitioning to a community-driven model via a decentralized autonomous organization (DAO).
In light of such incidents, the crypto community is once again reminded of the importance of stringent security measures and the unpredictable nature of the digital currency landscape.
It is not the first project on Coinbase’s layer 2 to be exploited. The network is off to a rough start, with no immediate improvement.
None of the information on this website is investment or financial advice. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website.