Breach, DNS hijack
Days in Operation:
Mad Meerkat Finance (MM.Finance) has the largest ecosystem on Cronos with its DEX, Yield Optimizer, NFT, Algo Stablecoin & DTF. MM Finance reported a frontend breach and requested its users not to perform any transactions or the funds will be sent to the exploiter wallet. The developers also asked the users to revoke its contract 0xbd872533Db178Ff7657Bf0057f25ABC4Ff6f904c.
The exploiter managed to inject a malicious contract address into the front-end code, and approximately $2M USD+ worth of digital assets has been compromised and bridged over to the Ethereum network via multichain followed by Tornado Cash. The attacker achieved this exploit through a DNS vulnerability to modify the router contract address in their hosted files. This resulted in users who interacted with MM.Finance site, which started from May 4th, 07:28 PM UTC to lose funds on performing: Swaps, Adding liquidity and Removing liquidity.
Post mortem conducted by the company identified the source address funded the exploit to OKX Exchange. The developers offered the exploiter 10% of the loot for the return of the remaining funds.
DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.
Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.