Analysts at blockchain security firm Blockaid say the front-end of Ambient Finance has allegedly been targeted by hackers.
Ambient Finance (formerly CrocSwap), a decentralized cryptocurrency exchange backed by Circle Ventures and Jane Street, has seemingly suffered a front-end hacker attack, allowing bad actors to embed malicious code, blockchain security firm Blockaid alarmed in an X post on Oct. 17.
🚨 URGENT: We have detected a potential frontend attack targeting @ambient_finance.If you're connected, please refrain from signing transactions and avoid interactions with the dApp until the issue is resolved. More updates soon. pic.twitter.com/Y42gjyW7Vn
— Blockaid (@blockaid_) October 17, 2024
Following the news, the Ambient Finance team confirmed the issue in their Discord server, stating they are currently “investigating ” the incident. The extent of the attack is still unknown, and it remains to be seen whether there are any victims. Users are advised to refrain from interacting with the site, as hackers could gain unauthorized access to funds.
According to Blockaid, the attackers are utilizing the Inferno Drainer kit and have set up a command-and-control server “specifically for this attack.”
The incident comes just a few hours after Radiant Capital, a decentralized finance project built on LayerZero, reported over $50 million in losses due to an attack by unknown individuals. According to a web3 security startup Ancilia, the hack likely originated from a backdoor contract deployed on the BNB Chain (formerly Binance Smart Chain) network.
Founded in 2021, Ambient Finance raised over $6 million in a seed round in 2023, achieving a valuation of $80 million. The funding round was led by Blocktower and included participation from Jane Street, Circle, Tensai Capital, Naval Ravikant, Yunt Capital, Susa Ventures, Quantstamp, and Hypotenuse Labs, among others.
Read more: US prosecutors push for 5 year prison sentence for Bitfinex-hack mastermind