Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On August 7, 2023, Cypher, a Solana-based decentralized exchange, tweeted that it had been attacked. The attacker exploited a bug related to the mechanism involving segregated margin sub-accounts to attack Cypher's main contract, causing it to eventually withdraw more funds than initially deposited, leading to a bad debt in the system. The attacker stole 15,452 SOL, 149,205 USDC, and other tokens for a loss of over $1 million. The attacker’s address is suspected to be HHm4wK91XvL3hhEC4hQHo544rtvkaKohQPc59TvZeC71. On August 18, Cypher stated that approximately $600,000 has been frozen on various centralized exchanges (CEXs), and the return of these funds will depend on the cooperation of these CEXs and seizure orders issued by law enforcement agencies. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 1,000,000.
- chain
- solana
- protocol
- Cypher
- bug_class
- logic
- date_occurred
- 2023-08-07
- loss_usd
- $1,000,000
- source_id
- sm:cypher::2023-08-07