header banner
Default

A flaw exists in the Telegram trading tool Unibot


Table of Contents

    Unibot, a well-known Telegram bot for Uniswap trading, suffered an approval vulnerability on Tuesday, resulting in a loss of tokens valued above $600,000.

    A newly deployed contract was compromised, leading to the loss of several meme coins belonging to users. 

    The firm pinpointed the problem as a “token approval exploit” from its new router, which led them to momentarily halt the router to address the issue.

    “We experienced a token approval exploit from our new router and have paused our router to contain the issue,” the team said on X.

    “Any funds lost due to the bug on our new router will be compensated. Your keys and wallets are safe.”

    PeckShield initially detected the exploit, revealing that the attacker transferred the stolen tokens to Uniswap and moved the funds to crypto mixer Tornado Cash. 

    The attacker appears to have exchanged the tokens for about 355.75 ETH, equal to around $640,000, according to the blockchain security firm. 

    Meanwhile, analytics firm Scopescan pegged the size of the exploit at $560,000. 

    While inquiries continue, Scopescan and Beosin recommended that impacted users revoke permissions for the compromised contract and move their assets to a safer wallet.

    SlowMist, another security firm, stated that the attack was a result of missing essential parameter verifications, allowing the attacker to move tokens that users had authorized for the Unibot contract.

    The UNIBOT token was last down nearly 30% at $44.01 as of 5:20 a.m. ET on Monday, data from Blockworks Research showed.

    The team expects to provide a detailed update once the investigation is complete, with a Telegram admin mentioning a potential update in the upcoming 24 hours.


    Don’t miss the next big story – join our free daily newsletter.

    Tags
    • exploit
    • Telegram
    • Trading

    Sources


    Article information

    Author: Luis Ward

    Last Updated: 1700012042

    Views: 1224

    Rating: 3.9 / 5 (67 voted)

    Reviews: 85% of readers found this page helpful

    Author information

    Name: Luis Ward

    Birthday: 1978-09-11

    Address: 5413 Hansen Crest, Barneschester, MS 78355

    Phone: +4693767552761906

    Job: Marketing Manager

    Hobby: Crochet, Ice Skating, Card Games, Playing Guitar, Table Tennis, Arduino, Aquarium Keeping

    Introduction: My name is Luis Ward, I am a lively, accomplished, sincere, dear, talented, strong-willed, exquisite person who loves writing and wants to share my knowledge and understanding with you.