On May 14, a hacker began siphoning user funds from the decentralized exchange (DEX) Equalizer. The misuse of funds came to light when the Equalizer team alerted users via a post on X, advising them to cease interactions with the exchange.
As of now, the hacker has stolen approximately 2,353 Equalizer (EQUAL) tokens along with several other tokens from users. Although the monetary value of the stolen tokens is relatively low, the hacker managed to continue the theft unnoticed through small transactions.
The hacker's wallet, created 222 days ago, has been consistently receiving stolen funds. The theft commenced at around 4:10 am UTC on May 14, starting with the draining of 2,500 SpookySwap liquidity tokens (spLP), followed by several other tokens.
Adding to the chaos, a scammer set up a fake Equalizer X account and falsely claimed to provide refunds for affected users.
It's still uncertain whether all the stolen tokens were drained exclusively through the Equalizer DEX, but the Equalizer team is actively investigating the exploit. They have issued a preventive advisory via their Discord channel, urging users to take specific actions to prevent further loss:
“If connecting to the dapp [[Connect Wallet]] asks you to Approve something, immediately stop using that site. If the dapp asks you to interact with a contract you have never interacted with before, stop using that site. If it asks you to approve any contract that is unknown or not in our documentation, stop using that site.”
Equalizer Discord member "543" informed users that they are safe if they have not interacted with Equalizer websites in the last six hours. For those who have, "543" recommended revoking all approvals made during that period.
The team is currently working on restoring the main website and has advised users to avoid using it until the updates are completed.
May 2024, Cryptoniteuae