#8: SushiSwap Incident: A Clumsy Rescue Attempt Leads to a Series of Copycat Attacks

On April 9, 2023, SushiSwap became the target of an exploit due to an Unverified External Parameter. The total loss is about $3.3 million.

#8: SushiSwap Incident: A Clumsy Rescue Attempt Leads to a Series of Copycat Attacks

On April 9, 2023, SushiSwap became the target of an exploit due to an Unverified External Parameter. The total loss is about $3.3 million.

As a leading protocol on Ethereum with a substantial user base, such top protocols are still susceptible to introducing serious new issues during contract upgrades. It's a reminder for the DeFi community that security should always be the top priority. Moreover, this security incident was triggered by a whitehat security researcher's attempt at a rescue, generating considerable debate within the community, and we provide a succinct introduction to this incident, highlighting it as one of the top ten security incidents of 2023.

Background

SushiSwap

SushiSwap, a renowned DEX, launched a vampire attack against Uniswap, achieving tremendous success. At its peak, its TVL reached $8 billion, and it still maintains around $400 million.

Approval

In short: permission for a contract to access and transfer out a specific token from your wallet.

For convenience, many contracts default to ask for unlimited approval. Many users, worried about security risks, only deposit small amounts into various protocols. However, these users grant unlimited funds approval to the protocols, If a protocol is compromised, all approved tokens in the account could be lost.

The Vulnerability

Unverified External Parameter

The RouteProcessor2 contract's processRoute() allows users complete control over the call flow (parameter route) . And in uniswapV3SwapCallback(), the safeTransferFrom()'s parameter from is decoded from the user-provided route. As a result, users who approved the RouteProcessor2 contract lost their assets.

The Attack Process

This incident involved multiple attack transactions, but we'll use the first attack transaction as an example. Transaction: 0x43ff7e01423044cfb501b4fe9ef1386725c0ddc117dadd6e6620cb68bdeaf4f9

  1. The attacker called the vulnerable RouteProcessor2 contract's processRoute() with a carefully constructed long argument route.
  2. processRouteInternal() creates an InputStream based on the route provided by the user.
  3. The transaction followed the attacker's route until reaching swapUniV3(). Note that the pool is decoded from the stream, meaning the attacker controlled which pool to swap() in, setting it as the lastCalledPool.
  4. This called the malicious contract deployed by the attacker, who then simply pass malicious calldata to call back to RouteProcessor2's uniswapV3SwapCallback().
  5. uniswapV3SwapCallback() requires the msg.sender check, but since the lastCalledPool had already been set to the malicious contract, the hacker bypassed the check. Importantly, the safeTransferFrom()'s parameter from was decoded from the attacker-constructed calldata.
  6. Victim's assets are transferred to the malicious contract deployed by the attacker.

Controversial Whitehat Rescue

It’s worth mentioning that a whitehat by the username @trust__90 identified this issue and attempted to rescue funds, but this rescue attempt caused a disaster.

  • Using the mempool to broadcast transactions instead of a private RPC.
  • Attempting to rescue only 100 Ether instead of all at risk.

This opened the door for MEV Bots and other attackers to execute multiple copycat transactions, effectively draining most of the funds. After these events, @trust__90 faced backlash and sought to defend his actions.

BlockSec Rescue

In this attack, we also rescued 100 Ether and returned the funds to the victim, 0xsifu.

To date, we have successfully thwarted over 20 real-world hacks and rescued more than $14,000,000 worth of assets.

Security Recommendations

Upgrades Should Always Be Audited

It's a reminder for the DeFi community that security should always be the top priority. Audits are not a guarantee of security, but the absence of an audit certainly does not ensure safety.

Mitigations for Approve Issue

The year 2023 saw numerous incidents involving approval attacks, and we seize this opportunity to reemphasize the importance of managing approvals. A security practice is to approve only the necessary amounts, or if convenience is a priority, to approve a slightly larger amount than needed.

BlockSec's MetaSuites offers a convenient Approval Diagnosis feature. Additionally, tools like Revoke Cash can be used to regularly check approval statuses.

Adopt Monitoring and Automatic Response Mechanisms

Ethereum is a dark forest, and everyone in the DeFi community faces various risks and challenges, even security experts. In 2023, we launched Phalcon Block, the industry's first automated response system designed not just for monitoring attacks but for actively blocking threats in real-time. Phalcon Block’s battle-tested capabilities have proven their effectiveness by successfully thwarting over 20 real-world hacks and rescuing more than $14,000,000 worth of assets. This innovation ensures that all stakeholders can sleep more soundly at night, knowing that proactive measures are in place to protect their investments.

Read other articles in this series:

Sign up for the latest updates
Join Our Free Hack Defense Game and Block REAL Attacks with Phalcon

Join Our Free Hack Defense Game and Block REAL Attacks with Phalcon

Ready for a LIFE-AND-DEATH battle against hackers?

How Phishing Websites Bypass Wallet Security Alerts: Strategies Unveiled

How Phishing Websites Bypass Wallet Security Alerts: Strategies Unveiled

Explore the two common methods phishing websites use to circumvent the blacklist mechanism of Web3 security wallets.

How to Use Phalcon Fork to Learn the Re-entrancy Attack

How to Use Phalcon Fork to Learn the Re-entrancy Attack

How to use Phalcon Fork to learn Solidity by Example: the Re-entrancy attack as an example