Security Vulnerability in AVAX Based Project: 2 Altcoins Drop! - Coinleaks
Current Date:June 2, 2024

Security Vulnerability in AVAX Based Project: 2 Altcoins Drop!

Trader Joe’s, known as the largest decentralized exchange (DEX) on Avalanche, made headlines. Because the altcoin platform was shaken by a security breach. Additionally, Fantom-based SpookySwap (BOO) also faced a security vulnerability. The security breach caused a problem at the front-end of the projects. Here are the details…

Security vulnerability in Trader Joe’s

Reports indicate that the contract address on the platform was illegally replaced with a phishing address, causing authorities to issue warnings about potential vulnerabilities in third-party JavaScript code used in the platform’s analytics plugin. Immediate action was taken as a rapid response to the breach. The compromised code was detected and removed from the system, ensuring the integrity and security of the host computer. Trader Joe’s front-end went temporarily offline. However, efforts are ongoing to restore full functionality. Additionally, altcoin users are advised to stay informed about the developments.

Amid the chaos, Trader Joe’s officials urged users to check if they were affected by the breach. Those trading on the DEX after a certain timestamp were advised to revoke access to the contract address: 0xd8ea07f43bc5045ec49ab52a3da2d0bf533581bf. Multiple ways, including dedicated websites and wallet integrations, are provided for users to verify whether their transactions are linked to the compromised contract address and potentially revoke access.

Altcoin projects experienced a decline

A versatile trading platform, Trader Joe covers decentralized exchange services, DeFi lending, leveraged trading, yield farming, staking and borrowing capabilities. The breach was caused by a vulnerability found in a third-party plugin, which was later removed by platform administrators to prevent further exploitation. The repercussions of this breach were evident in the cryptocurrency markets, particularly in the price of the JOE token, which was down over 12% at the time of reporting. Currently, JOE’s price has decreased by 13.16 percent. The price is around $0.35.

It is also stated that the SpookySwap platform was also affected by this attack. At the time of writing, SpookySwap’s altcoin project BOO was down 11.41 percent.

There are millions of dollars of value locked

However, market observers note that this could be part of a broader market correction, considering that JOE is up a significant 75% since the beginning of November. Trader Joe’s importance to the Avalanche network is evident as it had a Total Value Locked (TVL) of over $115 million at the time of the event. Despite expanding to its other blockchains in 2023 to attract a broader user base, Avalanche remains the dominant chain for Trader Joe’s with a TVL of $77.6 million. Arbitrum lags behind with $35.9 million, followed by BNB Chain and Ethereum with TVLs of $1.3 million and $1 million, respectively.

This breach marks another example of a front-end cyberattack involving malicious phishing code, reminiscent of previous incidents in the altcoin space. Established DeFi organizations such as Balancer, Galxe, Celer Network, and even Ethereum co-founder Vitalik Buterin’s projects have also faced similar attacks, signaling a recurring trend in 2023.