Dexible v2 Contracts Hack
Dexible has paused all contract actions and is assessing the full damage caused by a hack on its v2 contracts.
Upgrade to premium
Dexible, a decentralized exchange platform, yesterday (16 February 2023) announced that Dexible v2 is live, and only a day later, they are already investigating a hacking attack on their v2 contracts. Michael, one of the co-founders of Dexible, sent a message at 7:18 AM (UTC +1) on Dexible’s Discord, stating that all contract actions have been paused as the company investigates the situation. Dexible is working to get a full picture of the situation and has promised to follow up with additional details as soon as possible.
Powers, another co-founder of Dexible, later provided additional information, stating that the vulnerability is specific to v2 and that impacted accounts granted infinite allowance to the newest contracts. This allowed the hacker to steal funds from any wallet. As a result, all v2 contracts have been paused until the vulnerabilities can be patched and redeployed.
According to Mitchell, another member of the Dexible team, a total of 17 traders were affected by the hack, with 4 on Ethereum and 13 on Arbitrum. The current total of stolen funds stands at 2,047,635.17 USD.
Today's Dexible hack (17 February 2023) impacted a couple of big whales on Ethereum and Arbitrum blockchain. The impact of the hack on the ecosystem as a whole remains unclear, but it is likely that there will be some form of repayment plan for those who have lost money. However, Dexible has not yet released an official plan for this.
This hack highlights the importance of conducting thorough audits of smart contracts to identify and address vulnerabilities before they can be exploited. Dexible has acknowledged that no formal audit had been conducted on the v2 contracts, but the audits went through a community review process. Dexible is currently assessing the full damage caused by the hack and has paused all v2 contracts until the vulnerabilities can be patched and redeployed.