RocketSwap, a decentralised exchange (DEX) on Base, Coinbase's Ethereum layer-2 network, posted on X yesterday morning about an "anomaly" in its decentralised finance (DeFi) farms. The platform had been hacked for more than $865,000, a loss the team attributes to the compromise of private keys that, by its own account, were stored on its online servers.
The incident casts a shadow over Base, an Ethereum layer-2 network incubated by Coinbase, whose mainnet launched just last week to considerable excitement among developers and users. The network debuted with more than 100 decentralised applications (dApps). Within a week that launch has turned into a cautionary tale, as those same projects have drawn opportunistic attackers.
In a later update, RocketSwap said the breach was carried out through a "brute force hack" of the project's server, which held private keys used to operate the protocol. With those keys, the attackers took control of the protocol's farm feature and transferred a substantial quantity of users' assets.
RocketSwap responded by disabling the farm feature to prevent further unauthorised withdrawals, and temporarily shut down its Telegram channel, saying it wanted to keep communication focused on remediation.
RocketSwap’s Recovery Plan
The RocketSwap team then announced an emergency programme for the aftermath of the breach, built around a set of measures intended to restore confidence in the project. A central one is a new farm contract, which will be published on-chain.
In keeping with decentralisation principles, the team also said it would relinquish its minting rights, which govern the issuance of RCKT tokens, to address concerns about the concentration of control.
The team also said an official appeal to the attackers, asking for the return of the stolen assets, is forthcoming.
Yesterday evening, RocketSwap updated that "any existing high risks and vulnerabilities have been eliminated" and that funds are safe.
Subsequent updates said the "initial liquidity lock time has been extended by a year" and that "minting rights have been waived".
What Are RocketSwap’s Farms?
They are specialised pools in which liquidity providers earn additional rewards in the form of the protocol's native RCKT tokens.
PeckShield, CertiK, and Other Firms Provide Further Details
PeckShield quantified the impact of the exploit on Base: a total of 471 ETH, worth approximately $867,464.25, was taken from RocketSwap and bridged from Base to Ethereum. The attacker then created a new token, "LoveRCKT", and minted 90 trillion of it.
#PeckShieldAlert The @RocketSwap_Labs exploiter has grabbed ~471 $ETH and bridged them from #Base to #Ethereum, and then created the token $LoveRCKT, the exploiter already supplied 90T $LoveRCKT and 400 $ETH to #Uniswap https://t.co/z12YlLjbsn pic.twitter.com/Wxaph6lcuD
— PeckShieldAlert (@PeckShieldAlert) August 15, 2023
Most of the newly minted tokens, together with 400 ETH, were supplied as liquidity on Uniswap. Oddly, traders piled in even though the token had been deployed by the attacker: LoveRCKT tripled within a day, from $0.00000001 to $0.00000003, before reversing and falling by more than 90%.
Source: DexScreener
Later that day, RocketSwap Labs confirmed the incident after its own investigation, fixing the discovery to the same day.
In the hours that followed, PeckShield and the blockchain security firm CertiK added further detail.
Source: CertiK
The Web3 security firm Beosin described the mechanics: the attackers obtained the funds using the compromised private keys, then moved the tokens to Ethereum over the Stargate bridge.
An hour before publication, PeckShield reported that the exploiter had sold 2.5 trillion LoveRCKT tokens for 20.33 WETH.
#PeckShieldAlert The @RocketSwap_Labs exploiter ($LoveRCKT deployer) has sold 2.5T #LoveRCKT for 20.33 #WETH pic.twitter.com/ZtiS4Vrb97
— PeckShieldAlert (@PeckShieldAlert) August 16, 2023
Heavy Criticisms for Disabling Comments
After the exploit the project restricted its communication channels on two fronts: besides closing Telegram, it disabled comments on X as well. The community criticised the decision as limiting communication at the moment it was most needed.
What Caused This "Brute Force Hack of Its Server", and What Is It?
For Web3 projects and individuals alike, protecting private keys is the foremost security requirement. Best practice is to keep private keys and seed phrases in offline (cold) storage, such as a hardware wallet, so that a compromised server cannot expose them. RocketSwap departed from that practice by storing its private keys on an internet-facing server, and that choice is what made the compromise possible; community members have criticised it accordingly.
A brute force attack is the digital equivalent of trying every key on a ring until one opens the door: the attacker systematically submits candidate passwords, login credentials or encryption keys until one is accepted. Computers make this trial and error fast, testing enormous numbers of guesses per second, and the name comes from the image of relentlessly hammering at a lock rather than picking it.
One caveat matters for reading RocketSwap's statement. Brute force works against short or guessable secrets, such as a password drawn from a wordlist. It does not work against a blockchain private key itself: a 256-bit key has 2^256 possible values, far beyond any exhaustive search. A "brute force hack of its server" is therefore best understood as the guessing of a weak server credential (for example, a password for remote login or an administrative panel), after which any keys stored on that server could simply be read.
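The following Python script is an added illustration and is not code from the article or from RocketSwap. It simulates a server login protected by a weak password (a constructed wordlist and a made-up password, hashed with a salted SHA-256 as a hypothetical weak configuration), runs a dictionary brute-force attack against it with and without an account-lockout control, and computes how long exhaustive search of a 256-bit private key would take, which is why the key itself is never the brute-force target.

```python
import hashlib
import hmac
from typing import Callable, Iterable, Optional, Tuple

# Constructed scenario (not RocketSwap's actual setup): a server login guarded
# only by a password, stored as a salted SHA-256 hash. The salt and the weak
# password are made-up values for this demonstration.
SALT = b"constructed-salt"
WEAK_PASSWORD = "rocket1"


def hash_password(password: str) -> bytes:
    """Salted SHA-256 of the password (deliberately weak: no key stretching)."""
    return hashlib.sha256(SALT + password.encode()).digest()


STORED_HASH = hash_password(WEAK_PASSWORD)


def check_login(password: str) -> bool:
    """Server-side check using a constant-time comparison."""
    return hmac.compare_digest(hash_password(password), STORED_HASH)


def dictionary_attack(candidates: Iterable[str],
                      check: Callable[[str], bool]) -> Tuple[Optional[str], int]:
    """Brute force: submit each candidate until one is accepted.

    Returns (password, attempts) on success or (None, attempts) if exhausted.
    """
    attempts = 0
    for candidate in candidates:
        attempts += 1
        if check(candidate):
            return candidate, attempts
    return None, attempts


class LockoutGuard:
    """Wraps a login check and refuses further attempts after too many failures.

    This is the server-side control that turns an unbounded guessing attack
    into a bounded one; rate limiting or fail2ban-style banning work the same way.
    """

    def __init__(self, check: Callable[[str], bool], max_failures: int = 5):
        self._check = check
        self._max_failures = max_failures
        self.failures = 0
        self.locked = False

    def __call__(self, password: str) -> bool:
        if self.locked:
            return False
        if self._check(password):
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= self._max_failures:
            self.locked = True
        return False


def brute_force_years(key_bits: int, guesses_per_second: float) -> float:
    """Expected time to exhaustively search a uniformly random key.

    On average half of the keyspace must be tried before the key is found.
    """
    expected_guesses = 2 ** (key_bits - 1)
    seconds_per_year = 365.25 * 24 * 3600
    return expected_guesses / guesses_per_second / seconds_per_year


# Constructed wordlist standing in for the top entries of a leaked-password list.
WORDLIST = ["password", "123456", "admin", "base2023", "rocket1", "letmein"]

if __name__ == "__main__":
    found, tries = dictionary_attack(WORDLIST, check_login)
    print(f"no lockout: guessed {found!r} after {tries} attempts")

    guarded = LockoutGuard(check_login, max_failures=3)
    found, tries = dictionary_attack(WORDLIST, guarded)
    print(f"with lockout: result {found!r}, locked={guarded.locked}")

    # Why the key itself is not the brute-force target: a 256-bit private key
    # at a trillion guesses per second.
    print(f"256-bit key at 1e12 guesses/s: {brute_force_years(256, 1e12):.2e} years")
```

Without the guard, the weak password falls on the fifth guess; with a three-failure lockout the same wordlist never succeeds. The last line shows the asymmetry the text relies on: a 20-bit secret falls in well under a second at a million guesses per second, while a 256-bit key would take on the order of 10^57 years at a trillion guesses per second, so compromising a key-holding server comes down to its weakest credential, not its cryptography.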
Subpar Security Standards
The RocketSwap incident underscores the need for closer scrutiny of security practices on emerging platforms, and of what they imply for the cryptocurrency landscape as a whole.
The team’s latest post on X stated that they are “collecting damaged addresses and amounts in the farm” and are in the midst of discussing “compensation options.”