Blast protocol MonoSwap announces hack with link to attacker’s website
MonoSwap, which describes itself as a “Blast native liquidity space” announced via its X account that it has been hacked.
The post announcing the hack details how a developer for MonoSwap “installed a phishing app to join a call with scammers who pretended to be a VC. The attackers installed the botnet into his office PC, which has access to all MonoSwap-related wallets and contracts.”
It also notes that “the hackers then withdrew most of the staked liquidity positions, causing damage to the protocol.”
The original post included a link to the hacker’s website, but this was removed after Protos reached out to ask, “Do you think it was prudent to provide a link to the hacker’s website in your announcement post?“
Read more: Blast L2-based lending platform makes costly error, liquidating users for $26M
MonoSwap’s documentation has a page labeled ‘Security Measures’ which claims “MonoSwap’s expertly crafted smart contracts are developed by seasoned professionals with a deep understanding of the industry. We prioritize the safety and optimization of your investments by incorporating a robust set of features and security measures.”
Additionally, it has a page labeled ‘Audits’ which optimistically claims “Coming soon,” though the page also says “Last updated 6 months ago.”
The protocol has additional immaturities, including describing its wrapped token, xMONO, as a governance token, despite the fact that, as far as Protos has been able to determine, there is no voting mechanism to currently use those governance tokens for governance.
Protos has reached out to MonoSwap for clarification on the status of the protocol audits, why one executive had access to all of these mission critical resources on their computer, and what the use of the governance token is. At press we have not received a response.
Data from DefiLlama shows the ‘Total Value Locked’ for this protocol dropping from approximately $1.5 million to $200,000 today.
Got a tip? Send us an email or ProtonMail. For more informed news, follow us on X, Instagram, Bluesky, and Google News, or subscribe to our YouTube channel.