A smart contract on decentralized finance (DeFi) protocol Sushi's exchange services was exploited early Sunday, developers said in a tweet.
The exploit specifically involves the 'RouterProcessor2' contract, which is used to conduct trade routing on the SushiSwap exchange.
"It seems the SushiSwap RouterProcessor2 contact has an approve-related bug, which leads to the loss of >$3.3M loss," security firm PeckShield in Asian morning hours on Sunday, which Sushi developers later confirmed.
As per several tweets from multiple security firms, the $3.3 million apparently came from a single user, @0xsifu, a popular trader in Crypto Twitter circles.
DefiLlama developer @0xngmi said Sunday that the exploit only seemed to impact users who approved Sushiswap contracts in the past 4 days.
Recommended for you:
- A Dozen Reasons Why the SEC Should Have Approved Grayscale's Spot Bitcoin ETF
- FINRA Targets Crypto Communications After FTX Collapse
- Warner Bros. transformara la pelicula original de “El Senor de los Anillos” en una experiencia Web3
- Join the Most Important Conversation in Crypto and Web3 in Austin, Texas April 26-28
Meanwhile, SushiSwap head developer Jared Grey asked users to revoke permissions for all contracts on SushiSwap as a security measure, adding the team was "working with security teams to mitigate the issue."
Sushi's RouteProcessor2 contract has an approval bug; please revoke approval ASAP. We're working with security teams to mitigate the issue. https://t.co/WhXJfa5xD4
— Jared Grey (@jaredgrey) April 9, 2023
