WOOFi disclosed an $8.75 million exploit on its swap service operating on Arbitrum. In response, the team extended an offer to the unknown attacker, proposing a 10% white hat bounty in exchange for the return of the funds.
The decentralized finance platform WOOFi revealed an attack on its swap service on the Arbitrum network. This exploit led to a loss of approximately $8.75 million in cryptocurrencies.
Exploit on WOOFi Swap Platform: A Summary
On Tuesday, an unknown attacker manipulated WOOFi’s Synthetic Proactive Market Making (sPMM) algorithm, exploiting low liquidity on the Arbitrum network. This manipulation significantly impacted the price of the WOO token.
The attacker utilized flash loans to borrow approximately 7.7 million WOO tokens and other assets, selling them on WOOFi. This action caused the sPMM algorithm to incorrectly assess the value of the WOO token at near-zero prices.
Taking advantage of this abnormal pricing, the attacker conducted multiple swaps totaling 10 million WOO tokens at minimal costs, resulting in substantial illicit gains.
Upon detection of the anomaly by WOOFi’s transaction monitoring system and other crypto security teams, WOOFi Swap’s smart contracts were swiftly suspended around 11 am ET. This action aimed to prevent further losses and initiate an investigation.
The sPMM algorithm, designed to mimic centralized exchanges’ dynamics, encountered an unexpected error in its interaction with WOO’s liquidity conditions on Arbitrum, enabling the exploit, according to the team’s assessment.
Despite the incident, other WOOFi products such as WOOFi Stake, Earn, and Pro remain unaffected and operational.
WOOFi’s Response to the Exploit
Offer of White Hat Bounty: In response to the incident, WOOFi extended an offer to the attacker, proposing a 10% white hat bounty for the return of the stolen funds. The team emphasized its commitment to addressing vulnerabilities before redeploying the WOOFi Swap contracts.
Focus on Security Measures: “We will collaborate with top security firms to ensure these vulnerabilities are detected earlier,” the team stated. They acknowledged that this incident was a first for them and expressed their determination to prevent similar occurrences in the future.
Market Impact and Recovery: Following the exploit, the price of each WOO token on various exchanges experienced an 18% drop, plummeting from $0.59 to $0.49. However, it has since rebounded to above $0.54, indicating initial market recovery.
⚠️Disclaimer
This content aims to enrich readers with information. Always conduct independent research and use discretionary funds before investing. All buying, selling, and crypto asset investment activities are the responsibility of the reader.