The WOOFi development team has acknowledged an exploit of its swap contract on Arbitrum while assuring users that all other WOO contracts remain safe.
WOOFi’s smart contract for swapping tokens on Arbitrum WooPPV2 suffered an exploit, resulting in a loss of $8.5 million worth of crypto, according to Cyvers Alerts. Analysts revealed in an X post on Mar. 6 that the hacker funded its operation through a Tornado Cash-related address in Ethereum (ETH) to cover transactional costs.
Analysis done by the firm also revealed that the hacker has already distributed stolen funds to different externally owned accounts on other blockchains using cross-chain bridges. While the exact nature of the hack remains undisclosed, the WOOFi team stated in a follow-up update that all other WOO contracts are secure.
The WOOFi team has announced a 10% whitehat bounty for the individual responsible for the exploit. Additionally, a bounty has been announced for any information leading to the identification of the attacker, although the size of the bounty was not specified.
Launched in November 2021, WOOFi is a decentralized exchange that offers both swapping services and trading activities through two different products. Following the news, WOOFi’s native token WOO experienced a nearly 8% plunge to $0.5, according to CoinMarketCap.