Unizen Pledges Reimbursements After $2.1M Loss in Platform Breach

cryptonews.com:

Decentralized finance (DeFi) protocol Unizen has taken swift action in response to a recent security breach that resulted in the loss of approximately $2.1 million in user funds. 

Following the compromise, Unizen pledged to reimburse affected users who lost up to $750,000, aiming to restore confidence in its platform and uphold its commitment to user protection.

Dear unizen community,

After an arduous weekend, we have made the strategic decision to make over 99% of those affected from our community completely whole with immediate effect.

Our CEO / Founder, Sean Noga, has decided to loan Unizen the majority of the immediate… pic.twitter.com/d9GyaH3j8Y

— unizen (@unizen_io) March 11, 2024

On March 9, the blockchain analytics firm PeckShield identified an “approve issue” within the DeFi platform, signaling unauthorized access and the drainage of over $2 million in funds. Promptly, security advisories were issued, urging users to revoke approvals to mitigate further losses. 

Another blockchain security firm, SlowMist, investigated and confirmed that the total losses amounted to around $2.1 million, attributing them to an open external call vulnerability. 

The hacker exploited an external call vulnerability within the Ethereum-based contract, converting the stolen USDT to DAI. The funds remain stationary, with users urged to revoke any approvals associated with the hacker’s address to prevent additional losses. 

In response to the breach, Unizen acknowledged the incident and assured users that the team was working diligently to enhance platform security and prevent future breaches. The company has established a dedicated form to address concerns from affected users and cautioned against communicating with unofficial Unizen