Cross-chain DeFi exchange ChainSwap has been drained of roughly $8 million after a critical vulnerability in its smart contract was exploited by malicious actors.
After gaining access to the protocol, the attacker(s) sold tokens belonging to other projects through several exchanges.
The attack was carried out using the token ASAP and affected a wide variety of tokens and projects in the process. Following the attack, the ChainSwap team took to Twitter to warn its users not to purchase the platform’s native ASAP token for the time being while an investigation is on. In the meantime, the project’s Ethereum to Binance Smart Chain Bridge has been frozen.
Although the company claims that individual wallets are safe, the send and withdrawal functions are yet to be reopened. Meanwhile, the team has disclosed that it would put a compensation plan in place for the impacted tokens, adding that new ASAP tokens would be airdropped to affected holders.
This is the second time that the protocol is coming under attack. Eight days before the second attack, ChainSwap was exploited to the tune of $800,000.
Attacks on DeFi protocols are growing to become a regular occurrence in the crypto space. Millions have been lost to hackers over the past few months.