- ParaSwap has avoided a potential hack on its V6 contract.
- The platform discovered a critical vulnerability in the contract.
- The vulnerability could have led to a colossal loss.
Decentralized finance (DeFi) aggregator ParaSwap has averted a potential hack targeting a critical vulnerability in its Augustus V6 contract, the platform said on Wednesday.
ParaSwap launched the Augustus V6 contract on March 18 as a major update to optimize gas efficiency, integrate scalability, and enhance safe trading . Two days after the launch, the platform discovered a critical vulnerability in the contract, allowing hackers to drain funds when approved.
ParaSwap Responds Swiftly to Contract Vulnerability
According to an X (Twitter) update issued on March 20, ParaSwap paused the August V6 contract after discovering the vulnerability and successfully recovered funds for all addresses at risk.
“We took immediate action by pausing the V6 API and conducting a white hack that secured funds for users who were at risk. These funds are now securely held in a Safe Wallet 0x66E90d840D7C4F3473E25dD8ca361747058c6Db0 and will be shortly refunded to users,” ParaSwap wrote.While 386 addresses were exposed to the vulnerability, the hackers managed to compromise four and steal digital assets valued at $24,000, ParaSwap said.
As a precautionary measure to prevent further funds loss, the ParaSwap team urged users to revoke permissions to the Augustus V6 contract using services like Revoke Cash until the vulnerability is fully neutralized.
In the meantime, ParaSwap has reverted to using its V5 contract after deactivating the support for the vulnerable V6 contract on its recently updated user interface (UI). The platform promised to share details about the refund process for affected users later.
Stay updated on how much crypto hackers stole in February:
Crypto Hackers Bag $104.73M from Over 20 Attacks in February
Read about Pig butchering scams and learn how to stay safe:
Pig Butchering Scams: Beware of These Red Flags
