The popularity of Unibot, a Telegram bot used for sniping trades on the decentralized exchange Uniswap, came to a halt on October 29 as a new contract was deployed, leading to an unexpected exploit. Unfortunately, this exploit resulted in the loss of approximately $560,000 worth of various memecoins from users. The blockchain analytics firm Scopescan alerted Unibot users about the ongoing hack on October 31, bringing attention to an exploit in the newly deployed contract that drained the crypto holdings of several individuals.
Acknowledging the hack, Unibot issued a statement acknowledging the token approval exploit originating from their new router. In an effort to contain the issue, Unibot promptly paused their router. As investigations by Unibot and blockchain experts continue, Scopescan advised users to revoke approvals for the exploited contract, 0x126c9FbaB3A2FCA24eDfd17322E71a5e36E91865, and transfer their funds to a new wallet.
The hacker responsible for the exploit has been observed converting the stolen memecoins into Ether (ETH), according to blockchain data from Scopescan. A visible effect of these actions is the immediate and significant drop in the price of the UNIBOT token, plunging by 42.7% in just one hour from $57.56 to $32.94. Nevertheless, at the time of writing, there are signs of a recovery attempt in the token’s price.
Unibot, taking responsibility for the exploit, committed to compensating all users who lost funds due to the contract vulnerability. Weekly transaction data reveals that popular cryptocurrencies such as Joe (JOE), UNIBOT, and BeerusCat (BCAT) were among the significant tokens looted. Scopescan also shared valuable information that the address 0x835B, identical to the exploited address, was actively involved in receiving tokens from unsuspecting victims. At the time of writing, Unibot has yet to respond to Cointelegraph’s request for comment.
This unfortunate event bears a resemblance to a recent contract exploit that drained 280 ETH from users of Maestrobots, a group of cryptocurrency bots on the Telegram Messenger app. In an effort to rectify the situation, Maestrobots utilized their own revenue to provide compensation totaling 610 ETH to cover all user losses. The lack of liquidity to repurchase the lost tokens was cited as the reason for this compensatory action. CertiK, a blockchain security firm, confirmed the transactions showing the 334 ETH compensation paid out to users by Maestrobots.
The exploitation of Unibot’s new contract dealt a significant blow to its users, resulting in losses amounting to $560,000. With ongoing investigations, the recovery of funds and prevention of similar incidents become crucial for the Uniswap community. The commitment to compensation from Unibot provides a ray of hope for affected users, while cautionary tales like Maestrobots serve as a reminder of the potential vulnerabilities within decentralized exchanges. Heightened security measures, increased vigilance, and efficient liquidity management are vital for the longevity and trustworthiness of such platforms.
Leave a Reply