- A glitch in the Telegram game Super Sushi Samurai caused its LP wallets to be emptied of $4.6 million.
- Any user may send all of their cash back to themselves using the flaw, which would quadruple their value.
A flaw that lets users to double their own cash caused the liquidity provider wallets of an idle Telegram game called Super Sushi Samurai to empty for $4.6 million.
“It has to do with mint; we have been taken advantage of. We continue to investigate the code. In order to fund the LP, tokens were created and sold,” the project’s official X account stated.
The token contract contained a flaw, according to Coffee, a Yuga Labs smart contract developer. A user’s funds would double if they transferred the whole balance to themselves in their wallet.
It appears that the attacker carried out this exact action before using the money to deplete the liquidity on decentralized exchanges. The newly created tokens were sold by the attacker for 1,310 wrapped ether, or $4.6 million at the current exchange rate.
It’s possible that the money won’t be lost totally. The individual who took the money issued a note claiming that the hack was a whitehat rescue attempt. They indicated that users should be refunded and provide contact information. The project declared that it had gotten in touch with the abuser.
The game is hosted on the Blast network and is played over Telegram. Incentives come from a combination of a trading tax, a Blast onchain transaction fee refund, and the yield that ether in the LP pool produces.
Disclaimer : This article was created for informational purposes only and should not be taken as investment advice. An asset’s past performance does not predict its future returns. Before making an investment, please conduct your own research, as digital assets like cryptocurrencies are highly risky and volatile financial instruments.
