- Unleash Protocol suffered from a smart contract exploit, resulting in a $3.9 million loss.
- Initial probe reveals that the attacker bridged the assets to convert them into 1,337.1 ETH, which were later directed to Tornado Cash for obfuscation.
- The investigation into the incident and the recovery of the stolen funds are ongoing.
- Story Protocol’s contracts remained safe during the ordeal, but the incident resulted in a nearly 10% drop in the IP token’s price in the last 24 hours.
Unleash Protocol, an intellectual property finance platform built on Story Protocol (IP), has become the latest victim of an exploit. The network’s official account on X confirmed that unauthorized activity involving the protocol’s smart contracts led to a significant loss of users’ assets.
$3.9M Loss from the Unleash Protocol Hack
Unleash Protocol didn’t specify the value of the compromised assets. However, blockchain security company PeckShield calculated the amount at approximately $3.9 million.
PeckShield also revealed that the perpetrator bridged the stolen funds to Ethereum (ETH). After that, the exploiter directed 1,337.1 ETH to Tornado Cash (TORN) to obfuscate the trail of the stolen funds.
Initial Investigation
Unleash Protocol’s initial investigation on Tuesday claimed that an external address gained administrative control of the platform’s multisig (multi-signature) governance system. From there, the attacker upgraded the smart contracts.
The move resulted in asset withdrawals even without the approval of the Unleash team. It essentially bypassed the protocol’s governance and operational coverage.
The affected crypto assets include WIP, USDC, WETH, stIP, and vIP. Meanwhile, the Unleash team clarified that Story Protocol’s contracts, validators, and underlying infrastructure weren’t compromised. Only Unleash-specific contracts and administrative controls were impaired.
Nonetheless, the incident impacted Story Protocol’s IP token. It resulted in a nearly 10% price decline from $1.64 to $1.48 over the last 24 hours, heading into Tuesday noon.
The network’s governing body decided to halt all network activity on Unleash Protocol to contain the risk. On the other hand, it assured users that it has partnered with independent security experts and forensic investigators to trace and understand the root cause of the exploit.
Additionally, the group is currently conducting a comprehensive review of Unleash Protocol’s multisig signer activities, while reassessing its key management practices and governance procedures. Likewise, it’s evaluating remediation and recovery measures to eliminate further risks and compensate affected users.
Advice to Users
Unleash Protocol recommended users to avoid interacting with its contracts until further notice. Furthermore, it warned them against taking advice from sources outside of Unleash’s official communication channels.
What’s your Reaction?
+1
1
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0
