Days after the hackers launched a malicious attack on the Socket protocol the company was pleased to state that the ongoing recovery process is fruitful. In a January 23 report, the Socket team confirmed that nearly two-thirds of the stolen funds have been recovered.
The Socket team stated that after a collaborative effort to recover the stolen funds the company managed to recover 1032 Ether (ETH) valued at $2.3 million. The good news was shared on Socket’s official X account outlining the progress of the ongoing recovery plan.
Socket Protocol Recover Stolen Assets
The X post demonstrated that the Socket team plans to deliberate on the repayment of the funds to the hack victims. Also, the Socket team recognized the effort made by several on-chain analytic firms in the recovery of the stolen assets.
In the X post, the Socket team pledged to continue working with multiple firms to recover the remaining $1 million. A review of the report from the completed investigations demonstrated that the attackers used an Ethereum address… .97a5 to transfer the fund from the Socket protocol.
The report from the probing team illustrated that the security breach impacted to endless approval on the Socket contract. Unknowingly around 219 users fell for the hacker’s trap and approved the transaction from the Ethereum address under probe.
The PeckShield team claimed that the exploit impacted an incomplete validation of the user. This implies that the user who approved the transaction on the compromised “Socket:Gateway” contract lost a substantial amount of funds.
Overview of Socket Protocol Attack
After probing the matter the PeckShield team noted corrupt “Socket:Gateway” was launched three days before the attack. The security experts advised the users to revoke all the approvals ending with “Socket: Gateway” during the downtime.
The investigators noted that the hackers took advantage of a vulnerability in the Socket protocol to make multiple funds transfers until the user withdrawal limit was reached. Based on the damages caused by the attack the Socket team observed that the hacker also compromised the pre-approved balance on the protocol for financial gains.
Shortly after the attack, the Socket team took emergency administrative actions to suspend all the activities on the contracts. The report indicates that the Socket group worked tirelessly after the hacking incident to identify vulnerabilities in the cross-chain interoperability protocol.
The Socket group teamed up with other security experts to remove the bug on the vulnerable cross-chain protocol. Besides fixing the bug the Socket team engaged in multiple security checks before resuming operations.On the hand the hackers created a fake X account to mislead the Socket users.
Hackers Targeting Cross-Chain Platforms
In the fake tweet, the hackers posted a phishing link that directed the customers to revoke the approval using a malicious app. The fake tweet challenged the intense efforts made by the Socket team to implement adequate security measures.
To ensure the safety of the Socket protocol the security expert advised the customers to take full charge of their accounts. The Socket users are urged to block transaction authorization feature regularly.
With the ongoing development in the digital sector, the developers are targeting to improve the efficiency and performance of cross-chain bridges to streamline the interaction between decentralized protocols.Despite the upgrade the hackers have shifted their focus on the crypto sector to attack vulnerable decentralized apps and cross-chain protocols.
The spate of attack launches on the cross-chain bridges has forced the security expert to leverage their expertise to develop defense mechanisms.