Super Sushi Samurai, a blockchain game set to launch on the layer-2 solution Blast, faced a major setback just hours before its release. The exploit, carried out by a white hat hacker, led to a loss of $4.6 million due to a bug in the smart contract code. The vulnerability allowed an unauthorized party to trigger an infinite mint function, creating an excessive number of tokens that were then dumped into the liquidity pool.
CertiK, an on-chain security firm, confirmed that $4.6 million worth of tokens were affected by the exploit. As a result, there was a significant 99% token value slippage due to the unauthorized token dump. The attacker successfully withdrew 1310 ETH from the token’s main liquidity pool by exploiting the smart contract vulnerability.
Further investigation into the incident revealed that the unauthorized party acquired 690 million SSS tokens and duplicated them 25 times using the platform’s update function. This led to an inflated quantity of 11.5 trillion tokens, which were exchanged for approximately 1,310 ETH. Following the breach, Super Sushi Samurai has been actively communicating with its community through official channels, assuring users that they are working towards resolving the issue.
In a surprising turn of events, it was revealed that the exploit was conducted by a white hat hacker who claimed it was a rescue mission. The hacker is currently in communication with the Super Sushi Samurai team and has expressed intentions to reimburse affected users. The address containing the compromised funds has been disclosed to facilitate tracking and potential recovery of the lost assets. The team is collaborating with the hacker to ensure the safe return of the funds.
A “post-mortem” update from Super Sushi Samurai outlined the extent of the damage caused by the exploit. Negotiations are ongoing to reach a resolution that protects both users and the white hat hacker involved in the incident. The team continues to update the community through official channels, maintaining transparency and actively working towards resolving the cybersecurity breach.
Leave a Reply