A new contract deployed on Oct. 29 by Unibot, a popular Telegram bot used to snipe trades on the decentralized exchange Uniswap, was reportedly exploited to hack roughly $560,000 in various memcoins from users.
On Oct. 31, blockchain security firm Scopescan alerted Unibot users about an ongoing hack on Unibot that went undetected. An exploit on a newly deployed contract by Unibot drained the crypto holdings of several users.
.@TeamUnibot seems exploited, the exploiter transfers memecooins from #unibot users and is exchanging them for the $ETH right now.
The current exploit size is ~$560K
Exploiter address:https://t.co/ysyTmgUAit pic.twitter.com/MF85Fdk892
— Scopescan ( . ) (@0xScopescan) October 31, 2023
Unibot later confirmed the hack by revealing initial details:
We experienced a token approval exploit from our new router and have paused our router to contain the issue.
Any funds lost due to the bug on our new router will be compensated. Your keys and wallets are safe.
We will release a detailed response after investigations conclude.
— Unibot (@TeamUnibot) October 31, 2023
Amid ongoing investigations from Unibot and blockchain investigators, Scopescan advised users to revoke the approvals for the exploited contract (0x126c9FbaB3A2FCA24eDfd17322E71a5e36E91865) and move the funds to a new wallet.
Unibot hacker’s funds movement. Source: 0xscope.com
The hacker is in the process of converting the stolen memecoins into Ether (ETH), blockchain data from Scopescan shows.
Unibot 1-day price chart showing a sharp decline in price following hack. Source: CoinGecko
As seen above, the market reacted negatively to the development as the UNIBOT (UNIBOT) token witnessed an immediate 42.7% drop in its price in one hour — from $57.56 to $32.94. However, the token price is making a recovery attempt at the time of writing.
Unibot committed to compensating all users that lost funds due to the contract exploit. Weekly transaction data shows that cryptocurrencies such as Joe (JOE), UNIBOT and BeerusCat (BCAT) represented a major part of the loot.
Cointelegraph also learned from Scopescan that the address 0x835B, which is identical to the exploited address, was deployed and is being used to receive tokens from unsuspecting victims.
Unibot has not yet responded to Cointelegraph’s request for comment.
Telegram crypto bots gain momentum in the market: Binance Research
A similar contract exploit recently drained 280 ETH from users of Maestrobots, a group of cryptocurrency bots on the Telegram messenger app.
In the following days, Maestrobots paid a total of 610 ETH from its own revenue to cover all the user losses while citing a lack of liquidity to buy back the lost tokens:
Blockchain security firm CertiK confirmed to Cointelegraph that it has been able to detect the transactions showing the 334 ETH compensation paid out to users from Maestro.