Days after the hackers launched a malicious attack on the Socket protocol the company was pleased to state that the ongoing recovery process is fruitful. In a January 23 report, the Socket team confirmed that nearly two-thirds of the stolen funds have been recovered.
The Socket team stated that after a collaborative effort to recover the stolen funds the company managed to recover 1032 Ether (ETH) valued at $2.3 million. The good news was shared on Socket’s official X account outlining the progress of the ongoing recovery plan.
Socket Protocol Recover Stolen Assets
The X post demonstrated that the Socket team plans to deliberate on the repayment of the funds to the hack victims. Also, the Socket team recognized the effort made by several on-chain analytic firms in the recovery of the stolen assets.
In the X post, the Socket team pledged to continue working with multiple firms to recover the remaining $1 million. A review of the report from the completed investigations demonstrated that the attackers used an Ethereum address… .97a5 to transfer the fund from the Socket protocol.
The report from the probing team illustrated that the security breach impacted to endless approval on the Socket contract. Unknowingly around 219 users fell for the hacker’s trap and approved the transaction from the Ethereum address under probe.
The PeckShield team claimed that the exploit impacted an incomplete validation of the user. This implies that the user who approved the transaction on the compromised “Socket:Gateway” contract lost a substantial amount of funds.
Overview of Socket Protocol Attack
After probing the matter the PeckShield team noted corrupt “Socket:Gateway” was launched three days before the attack. The security experts advised the users to revoke all the approvals ending with “Socket: Gateway” during the downtime.
The investigators noted that the hackers took advantage of a vulnerability in the Socket protocol to make multiple funds transfers until the user withdrawal limit was reached. Based on the damages caused by the attack the Socket team observed that the hacker also compromised the pre-approved balance on the protocol for financial gains.
Shortly after the attack, the Socket team took emergency administrative actions to suspend all the activities on the contracts. The report indicates that the Socket group worked tirelessly after the hacking incident to identify vulnerabilities in the cross-chain interoperability protocol.
The Socket group teamed up with other security experts to remove the bug on the vulnerable cross-chain protocol. Besides fixing the bug the Socket team engaged in multiple security checks before resuming operations.On the hand the hackers created a fake X account to mislead the Socket users.
Hackers Targeting Cross-Chain Platforms
In the fake tweet, the hackers posted a phishing link that directed the customers to revoke the approval using a malicious app. The fake tweet challenged the intense efforts made by the Socket team to implement adequate security measures.
To ensure the safety of the Socket protocol the security expert advised the customers to take full charge of their accounts. The Socket users are urged to block transaction authorization feature regularly.
With the ongoing development in the digital sector, the developers are targeting to improve the efficiency and performance of cross-chain bridges to streamline the interaction between decentralized protocols.Despite the upgrade the hackers have shifted their focus on the crypto sector to attack vulnerable decentralized apps and cross-chain protocols.
The spate of attack launches on the cross-chain bridges has forced the security expert to leverage their expertise to develop defense mechanisms.
All trademarks, logos, and images displayed on this site belong to their respective owners and have been utilized under the Fair Use Act. The materials on this site should not be interpreted as financial advice. When we incorporate content from other sites, we ensure each author receives proper attribution by providing a link to the original content. This site might maintain financial affiliations with a selection of the brands and firms mentioned herein. As a result, we may receive compensation if our readers opt to click on these links within our content and subsequently register for the products or services on offer. However, we neither represent nor endorse these services, brands, or companies. Therefore, any disputes that may arise with the mentioned brands or companies need to be directly addressed with the respective parties involved. We urge our readers to exercise their own judgement when clicking on links within our content and ultimately signing up for any products or services. The responsibility lies solely with them. Please read our full disclaimer and terms of use policy here.