Decentralized finance aggregator ParaSwap has addressed a critical vulnerability in its recently launched Augustus v6 smart contract and has commenced the process of returning cryptocurrency assets to affected users.
In a recent post on X , the team said that all assets have been returned to wallets that were successfully recovered by white hat hackers.
Additionally, permissions to the Augustus v6 contract have been revoked to prevent further exploitation.
While the majority of users have had their assets returned, ParaSwap has identified 213 addresses that have yet to revoke allowances to the flawed contract.
Revoking allowances involves disabling or terminating the contract’s functionality on the blockchain, ensuring it no longer has access to users’ wallets and tokens.
If your wallet “have not received them yet, your wallet is still vulnerable, PLEASE REVOKE ALL RELEVANT PERMISSIONS!” they wrote.
White hack recovery update: Assets have been returned to wallets which have revoked their permissions
If your wallet had assets transferred to 0x66e90d840d7c4f3473e25dd8ca361747058c6db0 and have not received them yet, your wallet is still vulnerable, PLEASE REVOKE ALL RELEVANT… https://t.co/zraj3tSFNe
— ParaSwap (@paraswap) March 24, 2024
The vulnerability in the newly launched smart contract was discovered by ParaSwap last week.
Thanks to the timely intervention of white hat hackers, a significant loss of assets was prevented.
The platform promptly took action by submitting a comprehensive report to the appropriate authorities, initiating an investigation into the stolen funds.
ParaSwap is working closely with blockchain analytics and security firms, Chainalysis and TRM Labs, in an effort to identify the hacker
Read more on cryptonews.com