The UNIBOT token price has tanked by over 40% after the popular Telegram bot was exploited for $630,000. Unibot confirmed the hack on X, stating it had suffered a token approval exploit in its new order router.
The Unibot team stated it had paused the router in an effort to mitigate any further damage.
New Contract Exploited
Unibot deployed the new contract at the center of the exploit on the 29th of October. Unibot is a popular Telegram bot that is used to snipe trades on the decentralized exchange Uniswap. Unibot users were alerted about an ongoing hack on the platform by blockchain security firm Scopescan on the 31st of October on Unibot, which had so far gone undetected. The hack, an exploit on a newly deployed contract by Unibot, had drained the crypto holdings of several users on the platform. Scopescan posted on X,
“@TeamUnibot seems exploited; the exploiter transfers meme coins from #unibot users and is exchanging them for the $ETH right now. The current exploit size is ~$560K.”
Unibot confirmed the hack in a later post, revealing only the initial details.
“We experienced a token approval exploit from our new router and have paused our router to contain the issue. Any funds lost due to the bug on our new router will be compensated. Your keys and wallets are safe. We will release a detailed response after investigations conclude.”
As Unibot and Scopescan conducted their initial investigations, the latter advised users to revoke approvals for the exploited contract. The hacker is currently in the process of converting the stolen meme coins into ETH, according to data sourced from Scopescan.
Unibot To Compensate Users
Unibot has also committed to compensating all users who lost funds due to the contract exploit. Transaction data shows that cryptocurrencies such as Joe (JOE), UNIBOT, and BeerusCat (BCAT) make up a considerable portion of the stolen tokens. ScopeScan has also stated that the address 0x835B, which is similar to the address exploited, was deployed and used to receive tokens from unsuspecting victims of the hack.
Other Similar Exploits
A similar contract exploit had resulted in hackers draining 280 ETH from the users of Maestrobots, a group of cryptocurrency bots on the Telegram Messenger app. Maestrobots stated it will refund users on the Maestro Router 2 contract. According to its announcement on X, Maestro paid 610 ETH out of its own revenue to cover user losses, which totaled around $1 million at the time.
“Every wallet that lost tokens in the router exploit has now received the full amount they lost. Some of you ended up with even bigger bags. So we compensated affected users with the ETH equivalent of their tokens and boosted that amount by 20% because you deserve it. These refunds cost 334 ETH.”
The Maestro team stated that some of the reimbursed amounts were paid back to users in affected tokens and ETH. The team added that it chose to buy and refund the tokens instead of sending ETH because it was the most equitable and complete refund they could offer their users. In a separate incident, LastPass users lost around $4.4 million worth of crypto in another exploit.
Unibot Price Action
When the news of the hack broke, the UNIBOT token was trading at around the $58 mark, as can be seen in the chart below. Following news of the hack, which was disclosed by blockchain security firm Scopescan, the token’s price tanked by over 42% in under an hour. The price dropped from $58 to $32.94. However, the token did make a recovery, rising to $42. Currently, the token is trading around the $45 mark.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.