Cryptocurrency launchpad hit by $3 million supply chain attack

by
Ax Sharma
from Ars Technica - All content on (#5PNEH)
austin-distel-EMPZ7yRZoGw-unsplash-800x5

Enlarge (credit: Austin Distel)

SushiSwap's chief technology officer says the company's MISO platform has been hit by a software supply chain attack. SushiSwap is a community-driven decentralized finance (DeFi) platform that lets users swap, earn, lend, borrow, and leverage cryptocurrency assets all from one place. Launched earlier this year, Sushi's newest offering, Minimal Initial SushiSwap Offering (MISO), is a token launchpad that lets projects launch their own tokens on the Sushi network.

Unlike cryptocurrency coins that need a native blockchain and substantive groundwork, DeFi tokens are an easier alternative to implement, as they can function on an existing blockchain. For example, anybody can create their own "digital tokens" on top of the Ethereum blockchain without having to recreate a new cryptocurrency altogether.

Attacker steals $3 million in Ethereum via one GitHub commit

In a Twitter thread today, SushiSwap CTO Joseph Delong announced that an auction on MISO launchpad had been hijacked via a supply chain attack. An "anonymous contractor" with the GitHub handle AristoK3 and access to the project's code repository had pushed a malicious code commit that was distributed on the platform's front end.

Read 14 remaining paragraphs | Comments

index?i=bD-0l8mYLVQ:xrqqNeK0HyU:V_sGLiPB index?i=bD-0l8mYLVQ:xrqqNeK0HyU:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments