ParaSwap paused the v6 API soon after discovering the vulnerability and secured the potential victims’ funds through a white hat intervention. Plans to reimburse potential victims are underway.
Decentralized finance (DeFi) aggregator ParaSwap discovered a vulnerability in its newly launched Augustus v6 contract and prevented a colossal loss of funds through timely white hat intervention.
On March 18, the ParaSwap Augustus v6 contract went live, promising greater efficiency in swapping gas fees than all its preceding contracts. However, the contract contained a critical vulnerability, allowing hackers to drain funds when approved.
Soon after discovering the vulnerability on March 20, ParaSwap paused the v6 application programming interface (API) and secured the potential victims’ funds through a white hat hack.