Socket Tech security breach affects multiple dapps and wallets

The bridging protocol is integrated into other services, but only for users granting unlimited approval

by Macauley Peterson /
article-image

Blockworks

share

Cross-chain infrastructure protocol Socket.Tech suffered an exploit on Jan. 16, affecting various Web3 apps.

The attack targeted the Bungee Exchange, a frontend to the Socket Protocol which bridges between Ethereum and 12 EVM chains, resulting in a loss of about $3.3 million.

A hacker exploited a vulnerability in the SocketGateway part of the system, which allowed them to take money from users who had given permission to that component, without the users’ knowledge or consent.

Blockchain security firm PeckShield first reported the theft at 2:26 pm ET, which was then confirmed by Socket Tech about 30 minutes later.

Read more: ‘Wallet drainer’ code added to Ledger library has crypto on edge

Only a subset of users who interacted with a vulnerable bridging route added to the protocol in recent days and granted the gateway access to an unlimited amount of tokens were affected — about 200 victims based on a dashboard created on Dune Analytics.

The worst hit wallet saw $656,000 USDC drained to the attacker’s wallet, which then swapped all stablecoins into ether, an asset that cannot be frozen.

The attacker, whose wallet was funded from privacy-preserving exchange FixedFloat, essentially found a weak spot in how the system checked and processed user data, using this to illicitly access and transfer funds.

The route was subsequently disabled to prevent further exploitation, and service to the protocol was restored after about 6 hours.

Loading Tweet..

In addition to Bungee, Socket’s bridging protocol is employed by third-party dapps such as wallets from Rainbow and Zeal, however both these prevented downstream effects by only invoking approvals for specific asset values in a transfer — which is considered best practice.

Loading Tweet..

Rainbow wallet recommended users revoke permissions using the Revoke Cash tool, out of an abundance of caution.

The Socket team has promised a full post-mortem analysis, and said its other “top priorities” are “doing right by our users” and “recovery of funds.”

“We are deeply sorry for the turbulence caused,” they said.

Updated Jan. 26 at 6:35 am ET: The estimated tally of victims was revised lower after publication, closer to 200 than 700 as initially reported.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.

Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Digital Asset Summit 2025

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Unlocked by Template.jpg

Research

Bitcoin Expressivity with BitcoinOS

The BitcoinOS team is the first to have developed and posted a ZK-compressed proof on the Bitcoin network. Other proof verification efforts have been limited to the Signet or testnet deployments. Their work has resulted in the development of BitSNARK, a software library for ZK-compressed fraud proofs on the Bitcoin network. The project aims to provide a horizontal scaling solution, offering a one-stop shop for teams interested in developing a rollup on Bitcoin. This approach shares similarities with the horizontal tech stack scaling in other ecosystems like Cosmos and Optimism, particularly in its focus on simplified verification, bridging standards, and lightweight interoperability.

by 0xMims

/

news

article-image

Analysis

Crypto monthly active addresses are hitting all-time highs: A16z

A16z’s State of Crypto report shows that DeFi has the largest number of daily active addresses, with stablecoins following closely behind

by Katherine Ross /
article-image

DeFi

Conduit sees path to gigagas throughput with new sequencer

G2 is delivering real-world performance breakthroughs at 50-100 Mgas/s, Conduit says

by Macauley Peterson /
article-image

Analysis

Memecoin conceived by AI trumps Trump-linked token sale

World Liberty Financial’s token sale debuted just as an absurd AI-fueled memecoin captured crypto’s attention

by David Canellis /
article-image

Empire Newsletter

World Liberty Financial’s presale overshadowed by memecoin-shilling AI

Plus, would crypto be better out of the limelight?

by Katherine Ross&David Canellis /
article-image

Policy

Coinbase continues with SEC lawsuit over denied FOIA request 

Coinbase hired History Associates in 2023 to assist in retrieving records from the SEC and FDIC

by Casey Wagner /
article-image

Forward Guidance Newsletter

VP Harris’s latest crypto comments fall short on details

Hours after pledging to support Black men’s rights to safely invest in crypto, VP Harris’s Monday night speech mentioned blockchain zero times

by Casey Wagner&Ben Strack /