paint-brush
SushiSwap’s Token Launchpad, MISO, Deceived by $3 Million Hackby@alihatanveer
315 reads
315 reads

SushiSwap’s Token Launchpad, MISO, Deceived by $3 Million Hack

by Aliha TanveerSeptember 23rd, 2021
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

The number of breaches and frauds in the cryptocurrency market have surged towards their highest count in 2021, rising in parallel to the growth in the market itself to the value of more than $2 trillion! The most targeted cryptocurrency when it comes to attacks is none other than bitcoin, accounting for 33.3% of fraud cases. After that, the second most targeted crypto is ethereum, logging 36 or 12.8% of the breaches during the time span of the past 10 years. The chief technology officer of the decentralized finance (DeFi) platform SushiSwap claimed that the hacker(s) compromised the supply chain of its token launchpad platform called MISO.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail

Coins Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - SushiSwap’s Token Launchpad, MISO, Deceived by $3 Million Hack
Aliha Tanveer HackerNoon profile picture

Sadly, we all are only halfway through 2021, and the world has faced plenty of attacks till now. Between leaked data, major disruptions, and hefty ransom demands, 2021 has observed major ransomware and crypto attacks during its 1st half.  Cases of breaches and frauds in the cryptocurrency market have surged towards their highest count in 2021, rising in parallel to the growth in the market itself to the value of more than $2 trillion!

So far in 2021, 32 incidents of fraud and hacks to a more than $2.99 valuation have taken place. According to an analysis from Crypto Head that keeps track of the information and writes guides related to the cryptocurrency market, the evolving cryptocurrency hack incidents are about to surpass the 38 incidents encountered in 2020 with that figure representing a 40.7% climb from 2019. 

$19.2 billion has been stolen through fraud and breaches in the past decade. The most targeted cryptocurrency when it comes to attacks is none other than bitcoin, accounting for 33.3% of fraud cases. After that, the second most targeted crypto is ethereum, logging 36 or 12.8% of the breaches during the time span of the past 10 years. 

A crypto technical writer at Crypto Head, James Page, wrote that the number of decentralized finance breaches is increasing by leaps and bounds because this new technology is more open to potential weaknesses.  

With that being said, recently, 

“The token platform of a popular DEX SushiSwap, MISO, has become the latest hack victim with $3 million in Ethereum(ETH) stolen”

About SushiSwap and Miso

Before getting into the unfortunate incident, let’s have a brief knowledge about ShushiSwap and MISO. Software running on Ethereum, SushiSwap seeks to incentivize a network of users to utilize a platform where they can sell and buy crypto assets. SushiSwap, just like Balancer and Uniswap, utilizes a collection of liquidity pools to permit the purchase and sale of crypto assets. First, the user locks up assets into smart contracts. Then, traders buy and sell cryptocurrencies from those liquidity pools, exchanging one token for another. SushiSwap, one of the most evolving decentralized finance (DeFi) platforms, permits users to trade cryptocurrencies without the requirement of a central operator administrator. 

Talking about MISO, it is a suite of open-source smart contracts. These are created to simplify the process of launching a new project on the SushiSwap exchange. The agenda of MISO is to drive new capital and trade to the exchange by accelerating the charisma of SushiSwap as a platform for token creators, and communities to launch new project tokens. 

Destructive DeFi Hack

“The chief technology officer of the decentralized finance (DeFi) platform SushiSwap, joseph Delong claimed that the hacker(s) compromised the supply chain of its token launchpad platform called MISO”

According to him, the anonymous contractor with GH handles AristoK3 introduced malicious code into the Miso front end, substituting the auction wallet address with their subsequently acquiring 865 Ether (ETH) priced at $3 million. EtherScan can be used to validate that data. The hacker exploited the single target of a parody NFT project duplicating the value of a 2007 Kia Sedona, the Jay Pegs Auto Mart token auction.  

When that unfortunate incident was encountered, the former senior software engineer at ConsenSys termed it “the toughest day of my life so far”. He also claimed to have little support from the top-notch crypto exchanges, Binance and FTX, in his pursuit of capital. 

Joseph Delong expressed his suspicions publicly that the hacker’s identity is web developer Erotos and blockchain. Individuals have yet not answered the accusations.  It is worth noticing that after the hack, SushiSwap’s native token dropped by more than 9%. 

Just prior month, after coming across a severe vulnerability within the auction contract of the BitDAO token sale, a white have security programmer saved the SushiSwap protocol from a potentially destructive hack worth $350 million, again via its token launchpad platform MISO. that exploitation was not discovered by a hacker fortunately and the sale continued without any sort of disturbance. The event didn’t showcase the biggest wrong step taken by the team security operation as the white hat described. 

However, on 17th September 2021, Joseph Delong tweeted that, 

“100 ETH has been returned to the Sushi multi-sig. Hoping the attacker sends the rest soon.”



My Verdict 

These destructive attacks are never going to completely stop but that does not mean the government or business should sit ideal and do nothing. I was glad to know that the U.S. Treasury Department is finally planning new guidance and sanctions to deter ransomware hackers from profiting from attacks.  Moreover, there are likely to be new mandates against terror financing and money laundering that set aim on scaling back the utilization of digital currency in ransomware. Other illicit practices are also expected by the end of this year. 

The Biden administration takes into account the acceleration in cyberattacks and considers them as a threat to national security with health and financial institutions joined by the national beef producer JBS and major fuel colonial pipeline as major ransomware victims in 2021. 

At the heart of it all, it’s high time for businesses and the government to take appropriate actions for the enhancement of security protocols and to deter these evolving cyberattacks. Sophisticated cybersecurity measures need to be acquired to avoid unauthorized access and disastrous vulnerabilities. It’s crucial so that people can invest in their preferred tokens without any fear of being hacked.