• Thu. Oct 12th, 2023

Merlin Was Hacked After the Certik Inspection

Avatar photo

ByEsme Greene

Apr 28, 2023
Merlin Was Hacked After the Certik Inspection
Esme Greene
Latest posts by Esme Greene (see all)

After approving a smart contract code audit from a security company called Certik, Merlin Decentralized Exchange (DEX) Powered by zkSync – Blockchain Scaling Solutions Ethereum – was compromised. More than $1.82 million worth of damage was caused by the incident.

What Is Known About the Attack

The event happened shortly after the platform’s primary income-generating farming pools went live. The Merlin codebase underwent a security re-audit, which CertiK finished on April 24.

The exchange’s creators said they were looking into a potential attack and advised customers to revoke their authorization for all smart contracts. They said they would give further details soon. 

Although an audit is unable to prevent issues with private keys, professionals are always aware of projects’ best practices, according to CertiK. If fraud is discovered, CertiK will alert the appropriate authorities.

Operators of the other zkSync-based DEX, eZKalibur, also claimed the discovery of malicious code at the same time that was to blame for the money loss. Two lines in the code permit a particular address to send an infinite quantity of tokens from the contract address, they pointed out. 

Since specialists contend that the identification of such a flaw in the code should have been flagged as serious or even critical, the developers of eZKalibur questioned the caliber of the audit performed by CertiK.

How to Apply Cybersecurity Measures

Cybersecurity experts advise regular internet users not to enter suspicious websites, especially not to perform downloads from unknown resources. Corporations, however, must look into cybersecurity solutions for the companies. It is important to remember that the hackers develop their new strategies as fast as the cybersecurity methods become more and more advanced.

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.