Shido token faces doomsday following successful crypto staking contract exploit
Like any groundbreaking technology in its early stages, blockchain faces security challenges as it matures. Savvy hackers exploit these weaknesses, wreaking havoc and making off with a massive crypto heist. A blockchain security breach set the crypto community abuzz this week, as the Shido token plummeted by 85% following a successful exploit targeting its Ethereum-based crypto staking contract.
We currently know how the exploit technically happened. We have secured against any further threats against Shido.
— Shido (@ShidoGlobal) February 29, 2024
A thorough investigation on the hacker is ongoing, we request the exploiter to contact Shido for a bounty.
All users that staked SHIDO, will have their tokens… pic.twitter.com/8YcmDL1Ldc
How the attack on the Shido blockchain network unfolded
Blockchain security firm PeckShield first raised the alarm, revealing that hackers managed to achieve and transfer control over the crypto staking contract to a different address. Using this newly established access, the attackers deployed a hidden function within the contract, enabling them to siphon off a staggering 4.3 billion Shido tokens after the owner reluctantly upgraded the contract. The loss represents nearly half of the total supply.
CryptoStake delved deeper into the issue and found that the exploiter's address received its initial funding through cryptocurrencies transferred from the cross-chain protocol Layerswap and later from the Arbitrum blockchain. Additionally, the true identity of the wallet owner who funded the exploiter has been revealed. However, it became apparent that even the wallet owner had been targeted by a hack, as their assets were swiftly transferred before being used to fund the exploiter.
Shido will cover any liquidity loss from earlier this morning, rest assure.
— Bjorn.shido (@BjornSHIDO) February 29, 2024
We have secured any potential threat on our infrastructure.
All stakers will receive their SHIDO tokens. All currently holding SHIDO, will continue to do so. pic.twitter.com/OpcOFNoDC7
In a swift response to the revealed hack, the Shido team issued a statement reassuring users that they would refund all staked crypto. Additionally, they expressed their intention to establish contact with the hackers to discuss a potential bounty. Meanwhile, to mitigate further damage, Shido trading was temporarily suspended on the MEXC exchange, followed by a similar suspension on all other platforms where the token is traded. However, there was some positive news later in the day, with an announcement that trading had resumed on Uniswap.
The aftermath of the attack on Shido, and blockchain exploits on a broader scale
The exploit triggered a cascade effect, with the Shido token price nosediving from $0.008 to a mere $0.0014, resulting in an 82% loss within a single day. This incident serves as a stark reminder of the vulnerability faced by blockchain projects and underscores the importance of robust security measures.
This attack isn't an isolated event. Just recently, the Serenity Shield project also became a victim of theft, losing millions in SERSH tokens. Similarly, Radiant Capital and Gamma Strategies suffered losses earlier this year due to separate exploits.
While the Shido team has expressed their intent to compensate affected users, the incident raises concerns about the future of the project and the broader DeFi space. As the Web3 space continues to evolve, strengthening security protocols and implementing rigorous audits will be critical to ensure the safety of user funds.