Trader Joe suffers breach, urges users to take action

Trader Joe has swiftly addressed a vulnerability in its analytics plugin, advising users to revoke access to a suspicious contract and restore safety.

The popular decentralized exchange (DEX) Trader Joe, on Nov. 17 announced a security breach in its frontend interface.

The breach, identified in a third-party analytics plugin, potentially put numerous users at risk, leading to immediate action by the platform’s team.

Breach detection and immediate response

According to the Trader Joe team, they discovered the vulnerability during a routine check, which revealed compromised JavaScript code in a third-party analytics tool.

The breach reportedly occurred at approximately 18:34 GMT, affecting all chains, including Avalanche (AVAX), Arbitrum (ARB), and Ethereum (ETH).

However, the team swiftly removed the malicious code and temporarily shut down the frontend to prevent further risks.

The incident led to some users’ transactions being rerouted to an unknown contract, specifically identified as “0xd8ea07f43bc5045ec49ab52a3da2d0bf533581bf”. It prompted an urgent advisory for users who had interacted with the DEX after the breach to revoke any access given to this contract.

You might also like: Fake DJ Marshmello presents sham coin at Web Summit as activists’ campaign

Steps for users to safeguard assets

In response to the breach, Trader Joe advised its users to check and revoke approvals of the malicious contract.

The DEX directed users to use various tools, including token approval checkers on SnowTrace, Arbiscan, and BSCScan, as well as the Rabby Wallet’s Approval Centre and revoke.cash.

Users could also search for the affected contract address and revoke its access by entering their wallet addresses or connecting their wallets to the suggested services.

Moreover, the DEX emphasized the importance of confirming contract addresses during transactions, directing users to their developer documents for verified and safe contract addresses.

Additionally, the Trader Joe Discord channel was made available for guided support, although with an advisory on potential delays in response.

Current status and moving forward

Following thorough investigation and remediation measures, Trader Joe has restored its frontend, assuring users that it is safe for all activities, including trading, liquidity, staking, and lending.

The DEX reassured users that there are no other third-party integrations or solutions in use, aiming to prevent similar vulnerabilities in the future.

The breach is the latest incident to affect Trader Joe. In October, the DEX was slapped with a lawsuit by a similarly named grocery retailer alleging trademark infringement and brand dilution.

The lawsuit targeted the platform as well as its founder Cheng Chieh Liu for deliberately fashioning the DEX to evoke the popular Trader Joe’s brand, an American grocery chain with 560 stores across the United States.

Read more: Crypto losses soar to $173m in November, driven by Poloniex hack