- Solana-based Aurory loses 80% liquidity in Camelot’s AURY-USDC pool.
- SyncSpace bridge hacked; $600k AURY withdrawn and market-sold on Arbitrum.
- Swift response disables SyncSpace, safeguarding user funds, with ongoing investigations.
Aurory, a Solana-based gaming ecosystem, has fallen victim to a significant security breach resulting in an 80% loss of liquidity in its AURY-USDC pool.
The breach targeted the SyncSpace Aurory Bridge on Camelot’s native DEX Arbitrum, prompting a swift response from the project team.
Here’s a breakdown of the incident and the measures being taken.
SyncSpace Aurory Bridge Hack
The Aurory team detected suspicious activity on its marketplace, leading to the discovery of the exploit in the platform’s buy endpoint.
The malicious actor managed to manipulate the SyncSpace Aurory bridge, boosting their $AURY balance and withdrawing approximately 600k tokens to the Arbitrum network.
Subsequently, the attacker executed a market sell, liquidating the entire stolen amount.
See Also: HNT Surges 19%, Price Cooldown Expected
To contain the breach, SyncSpace has been temporarily disabled for maintenance, freezing asset deposits and withdrawals.
Fortunately, no user funds or NFTs are at risk, as the stolen $AURY originated from a team wallet designated for withdrawals by accounts without prior deposits.
The team acted swiftly to absorb sell pressure through their market maker and pool rebalancing, ensuring the exploiter has no remaining tokens to sell.
Despite SyncSpace undergoing an audit months ago by a top-tier security firm, the breach raises questions about how this vulnerability eluded detection.
Just a few hours ago, our team detected unusual activity on our marketplace. After quickly investigating, we discovered that a bad actor was able to exploit our marketplace’s buy endpoint, allowing them to increase their $AURY balance in SyncSpace. This allowed them to withdraw…
— Aurory (@AuroryProject) December 17, 2023
Impact on AURY token
In response to the breach, the AURY token experienced a 17% drop to $1.17, recovering some value later. The team is diligently buying back tokens as investigations proceed.
Looks like $aury got exploited via their syncspace bridge on the arbitrum side (pool is on @CamelotDEX) h/t to @0xGeeGee for noticing
the exploiter oppenheimer'd the chart, bottom buyers did 5x in 45m and now the whole pool is whack with very little liquidity @AuroryProject ?? pic.twitter.com/kvN0kwh8oq
— Shual (@0xShual) December 17, 2023
The incident has fueled discussions within the crypto community about the security of decentralized ecosystems.
The Aurory team assures users that a detailed post-mortem analysis will follow once the fix is complete and investigations conclude. SyncSpace is expected to be back online in the coming days, with plans for an Amber patch announcement and an end-of-year event for Seekers of Tokane.
Disclaimer: The information provided is not trading advice. Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.
Disclaimer: The information provided is not trading advice, Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.