Jul 2024 - MonoSwap Malicious Kakao Call Software - $1.3m (Global)
"MonoSwap represents a meticulously crafted ecosystem-centric, yield-driven Decentralized Exchange (DEX) and Launchpad seamlessly integrated with the robust Blast framework.
Distinguished by its highly efficient and customizable protocol, MonoSwap provides builders and users alike with the unparalleled ability to harness our bespoke infrastructure, fostering deep, sustainable, and adaptable liquidity. Going beyond conventional DEX designs, MonoSwap stands out by offering a uniquely tailored approach that places a premium on composability, redefining the landscape of decentralized financial solutions."
"Blast ecosystem DEX MonoSwap disclosed on Twitter that the platform has been hacked. Users are advised not to add liquidity or stake. If you have any staking positions, please withdraw them immediately to avoid financial loss."
"Yesterday, one of our developers installed a phishing app to join a call with scammers who pretended to be a VC. The attackers installed the botnet into his office PC, which has access to all MonoSwap-related wallets and contracts. The hackers then withdrew most of the staked liquidity positions, causing damage to the protocol."
"The hacker has bridged the stolen funds from BLAST to Ethereum & already laundered 371 $ETH (worth ~$1.3 million) via #TornadoCash."
"ALERT: MonoSwap has been hacked. DO NOT add liquidity or stake in our farming pools at the moment.
If you have any staked positions, please withdraw immediately to avoid funds loss."
"We are investigating the attack right now and will soon announce the next moves. We were trying to work with VCs to build a better future for MonoSwap. However, unfortunate things happened and now we are trying our best to solve this issue."
"New contracts for our v2 + v3 AMMs were deployed and will be migrated to the UI in 48 hours.
We are working to deploy new contracts for Lottery, MonoChest, MonoPass, Dividends, MONO, and xMONO.
A snapshot was taken and users will receive newly deployed assets directly in their wallet. A detailed timeline will be published soon in our Discord.
For now, please withdraw all of your positions left on previous contracts.
We are having internal discussions on recovery plans for impacted users. Please stay tuned for more info in the coming time."
Further Analysis
MonoSwap is a liquidity provider on the Blast smart chain. On or before July 24th, the team was approached by what was believed to be a venture capital fund to install Kakao Chat software for their meeting. Instead of legitimate meeting software, this software contrained malware that allowed the computer to be remotely controlled and exploited. This remote access was used to obtain private key information from the protocol, which was used to withdraw all funds. Funds were promptly converted and transfered to TornadoCash.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
TinTinLand Twitter Account Compromise > > < < dYdX Exchange DNS Hijacking Attack
Sources/Further Reading
SlowMist Hacked - SlowMist Zone (Dec 31)
Monoswap (Dec 31)
┃Overview | MonoSwap Docs (Dec 31)
@monoswapio Twitter (Dec 31)
@monoswapio Twitter (Dec 31)
@monoswapio Twitter (Dec 31)
@ZKaffein Twitter (Dec 31)
@NftCelestials Twitter (Dec 31)
@BSCNheadlines Twitter (Dec 31)
@ChainAegis Twitter (Dec 31)
@jina_coin Twitter (Dec 31)
@De_FiSecurity Twitter (Dec 31)
@AppBreadcrumbs Twitter (Dec 31)
https://www.breadcrumbs.app/reports/12027 (Dec 31)
Blast protocol MonoSwap announces hack with link to attacker’s website (Dec 31)
Monoswap: MUSD Token | Address 0x837fe561e9c5dfa73f607fda679295dbc2be5e40 | Blastscan
(Dec 31)
Ethereum Transaction Hash (Txhash) Details | Etherscan
(Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|