Over $1.42 million hacked from multi-chain wallet project UvToken

UvToken, a multi-chain wallet project, has lost $1.45 million due to a smart contract exploit.

UvToken, a multi-chain crypto wallet, has been hacked for 5,011 BNB tokens (1.45 million), with the funds already routed into authorized crypto mixer Tornado Cash.

This comes in the midst of a flurry of hacks and exploits this month, which appears to be a particularly bad month for DeFi projects.

According to security firms Ancilia and Peckshield, the incident occurred on the BNB Chain blockchain on Thursday morning around 1 a.m. ET time.

#web3 #hacks 1/ Our system detected a suspicious tx from
0xF3E3ae9A40ac4Ae7B17B3465F15ecF228eF4F760

which gain over 5,011 BNB from this txhttps://t.co/S5UbqzQ83p pic.twitter.com/CMZ42IEOkh
— Ancilia, Inc. (@AnciliaInc) October 27, 2022

UvToken acknowledged the exploit, claiming that its “staking project” had been compromised. It is currently investigating the exploit with security teams. According to PeckShield, UvToken allows users to stake the native token into a specific contract.

In addition, PeckShield mentioned that the attacker most likely took advantage of the UvToken staking contract’s failure to properly authenticate input data.

Hi, @UvTokenOfficial: you may want to take a look (The funds are being drained w/ ~$1.5M) https://t.co/49ENFkGI0v
— PeckShield Inc. (@peckshield) October 27, 2022

As per the firm, the contract may have contained a logic error that enabled the hacker to make a malicious call and seize the funds.

The latest exploit adds to the long list of exploits that have plagued the cryptocurrency sector this month.

TagsCrypto Hacker

Roland Guirdonan

Roland is a Public Relations & Communications guru with an immense passion for the blockchain and crypto industry. A fusion of his expertise and passion led to the dawn of Optimisus in 2020.