WOOFi launches 10% whitehat bounty following $8.5m exploit of its Arbitrum contact

Mar 6, 2024 at 9:37 AM UTC

Edited by Dorian Batycka

News

WOOFi launches 10% whitehat bounty following $8.5m exploit of its Arbitrum contact

The WOOFi development team has acknowledged an exploit of its swap contract on Arbitrum while assuring users that all other WOO contracts remain safe.

WOOFi’s smart contract for swapping tokens on Arbitrum WooPPV2 suffered an exploit, resulting in a loss of $8.5 million worth of crypto, according to Cyvers Alerts. Analysts revealed in an X post on Mar. 6 that the hacker funded its operation through a Tornado Cash-related address in Ethereum (ETH) to cover transactional costs.

https://twitter.com/CyversAlerts/status/1765053098706227635?s=20

Analysis done by the firm also revealed that the hacker has already distributed stolen funds to different externally owned accounts on other blockchains using cross-chain bridges. While the exact nature of the hack remains undisclosed, the WOOFi team stated in a follow-up update that all other WOO contracts are secure.

2/ While we update the contract and secure additional audits, WOOFi Pro, Stake, and Earn remain unaffected and fully operational. Should any WOOFi Earn depositors wish to withdraw their funds, they can do so as usual.
— WOOFi (@_WOOFi) March 5, 2024

The WOOFi team has announced a 10% whitehat bounty for the individual responsible for the exploit. Additionally, a bounty has been announced for any information leading to the identification of the attacker, although the size of the bounty was not specified.

Launched in November 2021, WOOFi is a decentralized exchange that offers both swapping services and trading activities through two different products. Following the news, WOOFi’s native token WOO experienced a nearly 8% plunge to $0.5, according to CoinMarketCap.