October 31, 2023

Unibot Hack: $560K Loss, Exploit Details, and Impact on Price

Ethan Williams
Written byEthan WilliamsWriter
Researched byNikos PapadopoulosResearcher


Recent data reveals that Team Unibot, a trading bot enabling users to buy and sell tokens on Uniswap V3 through their Telegram apps, has fallen victim to an exploit. The hacker responsible for the attack has transferred meme coins from Unibot users and exchanged them for ETH, resulting in a loss of $560K.

Unibot Hack: $560K Loss, Exploit Details, and Impact on Price

Wallet Address and Activity

The wallet address associated with the hacker's transfers is 0x413e4fb75c300b92fec12d7c44e4c0b4faab4d04. This address currently holds a total balance of $583,762. It is worth noting that the wallet has been inactive for the most part, with a sudden surge in transfers occurring on October 31, 2023. The news of the hack has had a significant impact on the price of the UNIBOT token, causing it to plummet by over 40%.

Hack Details

According to a Beosin Alert, the exploit was made possible through a CALL injection, which allowed the attacker to send malicious call data to the 0xb2bd16ab() method, enabling them to move tokens approved for Unibot contracts. Additionally, the hacker has been receiving 1ETH gas from FixFloat, a cryptocurrency exchange known for its fast transactions. By exploiting users' cryptocurrencies, the attacker has been able to exchange them for Ethereum (ETH).

Unibot's Response

Unibot has issued an advisory to its users, acknowledging the token approval exploit that occurred on their new router. As a result, the usage of the router has been temporarily halted to prevent further damage. The team has assured users that any funds lost due to bugs on the new router will be compensated, and they have confirmed the safety of users' keys and wallets. A comprehensive report will be released once the investigation is concluded. In the meantime, Unibot advises its users to review and revoke any approvals for the contract 0x126c9FbaB3A2FCA24eDfd17322E71a5e36E91865 and transfer their funds to a new wallet as soon as possible.

Exploiter's Contract and Funding

The exploiter's contract was deployed by the Unibot team two days ago. It is worth noting that the exploiter received funding from fixfloat, a crypto mixer, approximately five months after the launch of Unibot.

Impact on Unibot

Following the news of the exploit, the price of Unibot has experienced a significant decline, dropping by 24.58% to $43.13 at the time of writing. However, the trading volume over the past 24 hours has seen a substantial increase of 927.29% to $37.12 million.

About the author
Ethan Williams
Ethan Williams

Ethan Williams, a lively 24-year-old lad from the UK, brilliantly fuses his passion for online casinos with top-notch English localisation, creating bespoke casino guides for Britain's keen gaming lot.

Send mail
More posts by Ethan Williams
undefined is not available in your country. Please try:

Latest news

Shibarium: Thriving Community, Impressive Growth, and Increased SHIB Burn Rate

Shibarium: Thriving Community, Impressive Growth, and Increased SHIB Burn Rate