The attack, which occurred on March 9, 2024, according to SlowMist, happened through the exploitation of a vulnerability in the system responsible for handling trades
Unizen, a crypto company offering a decentralized trading experience through its Unizen Trade platform, has announced it will provide instant reimbursement to users affected by the $2.1 million hack.
Dear unizen community,
After an arduous weekend, we have made the strategic decision to make over 99% of those affected from our community completely whole with immediate effect.
Our CEO / Founder, Sean Noga, has decided to loan Unizen the majority of the immediate… pic.twitter.com/d9GyaH3j8Y
— unizen (@unizen_io) March 11, 2024
The attack, which occurred on March 9, according to SlowMist, happened through the exploitation of a vulnerability in the system responsible for handling trades on the Ethereum blockchain network, enabling the hackers to gain unauthorized access and cart away with people’s funds. Users of the platform were then warned to revoke approval of transactions from the suspected wallet immediately. SlowMist further confirmed that the perpetrators have since converted the funds from the stablecoin USDT to DAI, an Ethereum-based stablecoin.
🚨SlowMist Security Alert🚨
Due to an open external call vulnerability, @unizen_io has been exploited, losing around $2.1M. Please revoke approval for 0xd3f64baa732061f8b3626ee44bab354f854877ac ASAP!Currently, the attacker has swapped the stolen USDT for DAI, but has not moved… pic.twitter.com/T0QARp0QkD
— SlowMist (@SlowMist_Team) March 9, 2024
In response to this ugly event, Unizen has taken immediate and decisive action. The crypto exchange platform has, therefore, admitted the situation and is currently working towards managing it and enhancing its security measures to prevent similar attacks in the future. Unizen announced on their X platform that the company has taken a strategic decision to reimburse 99% of those affected. The release confirmed that the CEO and founder of Unizen has loaned the exchange platform with the majority of the reimbursement funds.
The reimbursement, which is starting today, March 11, 2024, is said to follow a particular protocol in which victims who lost $750,000 or less in equivalent value will receive immediate reimbursement, while those with higher losses will have their situations handled on a case-by-case basis in order to effectively manage the situation.
Identifying the Culprit and Improving Security
In a different post on X, Unizen’s chief technology officer Martin Granström revealed that the exchange company is working towards identifying the hacker. He also revealed that they are working towards improvement and upgrade on the security of their platform, stating:
“We’ve collected a ton of evidence and have enough to proceed with the post-mortem. We’re working with third party security firms and law enforcement to track down the identity of the hacker…It has been decided that we will invest a lot more in ensuring the security with every upgrade introduced, no matter the risk assessments and internal reviews. We owe it to our users.”
It can be recalled that Unizen is not the first crypto exchange platform that has faced a similar security breach. Recently, it was announced that OKX suffered a loss of over $2 million due to hacking. Therefore, as the cryptocurrency industry matures and gains mainstream adoption, the need for robust security measures and effective incident response protocols becomes increasingly paramount. Exchanges and platforms must remain vigilant and prioritize the safety and protection of user funds to maintain trust and confidence in the digital asset ecosystem.