Rubic DEX aggregator hack leads to $1.4m of user funds stolen
Cross-chain decentralized finance (DeFi) protocol Rubic was compromised, resulting in funds stored in its user’s addresses being siphoned out and transferred to the hackers.
On Dec. 25, Rubic protocol announced that one of its routing contracts was compromised and all contracts would be stopped until the situation is fully understood. The announcement read:
Dear Rubicans, One of our routing contracts might be compromised. All contracts will be stopped until we understand the situation fully. Please don't use https://t.co/rDZSZrTUTe. Revoke https://t.co/F8QMpyd517 ASAP via https://t.co/hwLI2Cwkt1
— Rubic (@CryptoRubic) December 25, 2022
The protocol’s creators also advised their users to revoke contract authorization through the revoke.cash tool. A Twitter thread by blockchain cybersecurity firm PeckShield explains that a vulnerability in the Rubic protocol led to a loss of $1.41 million worth of funds directly from the wallets that authorized its smart contracts.
2 comments