SingularityDAO developers have confirmed that their ASI migrator smart contract has been exploited, potentially causing financial losses for users.
Exploit in ASI Contract
Early this morning, it was disclosed that the ASI migrator smart contract was exploited. The key vulnerability involves the 'Approve' function, meaning that any past interaction with the ASI migrator carries a financial risk since migration required an unlimited allowance.
Financial Losses
"It seems that the ASI migrator contract has an approval-related bug, which has so far led to the loss of over $37M," security firm PeckShield flagged during Asian morning hours. ASI developers later confirmed the exploit.
Security Measures
Pseudonymous developer of DefiLlama @0xngmi warned that the exploit seems to affect both past and future transactions on the contract. He advises revoking approvals immediately. Meanwhile, SingularityDAO's head of security Ahmed Ali urged users to revoke permissions related to the involved contracts as a security measure, adding that the team is "working with security teams to mitigate the issue."
SingularityDAO developers are taking urgent measures to minimize the impact of the exploit. Users are urged to revoke approvals to mitigate risks.
Comments