In the latest development of the SushiSwap RouteProcessor2 contract attack, MetaSleuth reported on Twitter that 0xsifu (sifuvision.eth) lost 1800 ETH.
However, the first attacker (0x9deff) has returned 90 ETH out of the stolen 100 ETH. BlockSec also stepped in and helped recover 100 ETH, which will be returned soon.
Negotiations are currently ongoing between sifuvision.eth and c0ffeebabe.eth. Most of the stolen funds were traced to beaverbuild, rsync-builder and Lido: Execution Layer Rewards Vault.
As previously reported, PeckShield tweeted that there was an Approve-related vulnerability in the SushiSwap RouteProcessor2 contract, which caused the former Frog Nation CFO 0xsifu to lose more than $3.3 million (about 1900 ETH).
PeckShield has urged users to revoke permissions associated with contracts starting with 0x044b7 to avoid further losses.
The SushiSwap community has been closely monitoring the situation and taking steps to mitigate the impact of the attack. The return of 90 ETH by the first attacker is seen as a positive development, and efforts are underway to recover the remaining stolen funds.
Negotiations between sifuvision.eth and c0ffeebabe.eth are being closely watched, with stakeholders hoping for a fair resolution. Meanwhile, BlockSec’s involvement in recovering stolen funds is seen as a positive step towards mitigating the impact of the attack.
A vulnerability in the SushiSwap RouteProcessor2 contract has raised concerns about the security of decentralized finance (DeFi) protocols. It highlights the need for thorough auditing and strong security measures during the development and deployment of smart contracts.
The SushiSwap community and other DeFi projects are expected to learn from this incident and implement additional security measures to protect user funds.