ParaSwap Investigating Potential Profanity Exploit, Funds Stolen

Blockchain security company Supremacy Inc. has tweeted that DeFi aggregator ParaSwap may have been compromised, leading to multiple chains’ stolen funds. The exploit may be a result of a profanity vulnerability.

Updated 11 Oct., 10:00UTC: ParaSwap have denied any vulnerability and have said they will release a fuller explanation later.

Sponsored

✅ No vulnerability found! Please check the facts & Don't Trust, Verify!

We’ll follow up with analysis & an explanation of what’s a deployer address and how we made sure they have no power at all! https://t.co/uQKVncMZof
— ParaSwap (@paraswap) October 11, 2022

The ParaSwap team did offer an update saying that it was investigating the issue but that the address has no power after the deployment.

1/ Hi @paraswap ,I heard that you want to see this? your deployer address private key may have been compromised (possibly due to Profanity vulnerability) and funds have been stolen on multiple chains.https://t.co/ijHaTwAj0l
— Supremacy (@SupremacyHQ) October 11, 2022

Supremacy said that the deployer’s address is associated with multiple multi-sign wallets. It recommended to ParaSwap that it ensure that other multi-sign addresses are not generated by profanity.

This post will be updated as the story develops.

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.

ParaSwap Deny Potential Profanity Exploit, Promising Analysis Later