Team Finance Hacked For $14.6M: Details
- Crypto platform Team Finance has been exploited for a total of $14.6 million and the hacker took advantage of a vulnerability in the Uniswap v2 to v3 migration protocol.
- The launchpad’s team has reached out to the hacker’s address to discuss the possibility of the attacker accepting a bounty for exposing the issues with the protocol.
- All the funds are safe but the platform has been halted and everything is working, from withdrawals to rewards.
Crypto token launchpad Team Finance has been hacked for close to $14.6 million, as per the confirmation from the development team, and the funds are now safe. This marks another hacking event before the month of October ends, making it the worst month for crypto protocols in 2022 and possibly one of the worst in the history of the industry.
As per a Twitter announcement from the Team Finance official Twitter account on Thursday, the hacker took advantage of a bug in the Uniswap v2 to v3 mitigation protocol which caused them to implement an exploit and made away with the funds. The launchpad’s team has reach out to the hacker’s address and are yet to get a reply from the unidentified entity.
“We have just been alerted of an exploit on Team Finance. We are currently unsure of the details. We urge the exploiter to get in contact with us for a bounty payment. We are working to analyze and remedy the situation at this very moment,”
said Team Finance in a Twitter post.
Additionally, Team Finance has asked the hacker to return the funds and accept a percentage of the same as bug bounty. A bug bounty is a reward that is given to a white hat hacker a part of revealing vulnerabilities in a DeFi protocol or an algorithm or an infrastructure of an entity based on the blockchain technology.
“$14.5M USD of tokens were exploited through the audited v2 to v3 migration function. We have temporarily paused all activity through team finance until we are certain this exploit has been remedied. All funds currently on Team Finance are not at further risk of this exploit,”
said the crypto launchpad platform.
Furthermore, as per additional updates shared by the Team Finance creators, all the funds are safe but the platform has been halted to ensure the safety. However, this halt is temporary and functions will be resumed once everything is normal. It is also crucial to note that the team was fast enough to identiy the breach within an hour of the exploit and the vulnerability has been patched as well.
In a note, the platform added that the audit of the contract was done by a well-reputed firm but did not divulge the name of the auditor. Furthermore, all the other tokens, stablecoins, functions, withdrawals, and reward claims are working perfectly fine and the only problem has been rectified. Also, the exploiter’s address has been blocked with the help from EtherScan and also, Team Finance has contact crypto exchange to look for the address and block any transactions related to the same.
It is currently unclear if the hacker is ready to cut a deal and accept the bounty for the exposing the vulnerability. The hacker of Mango Markets, a Solana-based decentralized crypto exchange, recently cut out a deal with the development team and as per a governance vote has ended with 96.6% of participants supporting the deal, the hacker will be paid $47 million as bounty in exchange for the remaining funds.