ParaSwap successfully dodges hacking attempt aimed at exploiting vulnerability in Augustus v6 contract

ParaSwap, a decentralized finance (DeFi) aggregator, has revealed that it discovered a vulnerability in its newly launched Augustus v6 contract. The contract, which went live on March 18, aimed to improve swapping efficiency and reduce gas fees. However, hackers were able to exploit the vulnerability and drain funds from approved accounts. Fortunately, ParaSwap acted quickly and paused the v6 API to prevent further loss of funds. They also secured the affected users’ funds through a white hat hack. Despite their efforts, the hacker managed to cash out approximately $24,000 from four different addresses. In total, 386 addresses were affected by the vulnerability. ParaSwap has advised all users to revoke permissions to the Augustus v6 contract until the vulnerability is neutralized. The protocol has also deactivated support for the vulnerable contract on its UI and reverted to using v5. The company has successfully recovered funds for all addresses and will provide more details about the refund process soon. Users are urged to use exploit checker services to confirm their safety. In other news, researchers from Salus Security have found that generative AI tools like ChatGPT-4 are effective at detecting vulnerabilities in code, but they are not fully reliable as security auditors.