Attack on IP-Fi
Unleash Protocol suffers an exploit of $3.9M after a governance takeover in the Story ecosystem
The sector of decentralized Intellectual Property (IP-Fi) has suffered a critical setback. #UnleashProtocol , one of the key platforms built on #story , has been the victim of a security breach that resulted in the loss of approximately 3.9 million dollars.
The Method (Governance Attack): It was not a traditional code error, but a failure in the governance system. An external address managed to take control of Unleash's multi-sig, allowing an unauthorized update of the smart contracts to withdraw funds without the community's consent.
Affected Assets: The attacker drained a variety of assets, including WIP, USDC, WETH, stIP, and vIP.
Money Laundering: According to the security firm PeckShield, the attacker moved the assets to the network #Ethereum and deposited 1,337.1 ETH in Tornado Cash, complicating the tracking and recovery of the assets.
Isolation of the Problem: It is crucial to highlight that both Unleash and LookonChain confirm that #StoryProtocol is not compromised; the vulnerability was specific to the internal governance structure of Unleash.
Current Status: Unleash's operations are fully suspended. The team is working with forensic investigators and strongly advises users not to interact with their contracts until further notice.
#CryptoNews $IP
