ParaSwap, a leading decentralized finance (DeFi) aggregator, demonstrated its commitment to user protection when swiftly responding to a critical vulnerability in its newly launched Augustus v6 contract.
Despite the potential for a significant loss of funds, ParaSwap’s vigilant team detected the flaw on March 20, promptly pausing the v6 API and securing users through a white-hat intervention.
By advising users to revoke permissions for the vulnerable contract, ParaSwap exemplified transparency and accountability in the DeFi space.
Despite their proactive measures, a hacker managed to exploit the vulnerability, resulting in approximately $24,000 in losses across four addresses. However, ParaSwap’s swift action minimized the impact, with only 386 addresses affected.
ParaSwap continues to urge affected users to report any potential losses, underscoring their dedication to maintaining a secure and reliable platform for all participants.
ParaSwap added, “We have successfully recovered funds for all addresses, and more details about the refund process will be shared soon.”
Furthermore, ParaSwap has disabled support for the compromised v6 contract in its recently revised user interface (UI) and reverted to utilizing v5.
ParaSwap updated on X, users of Polygon, BNB, and Avalanche can rest assured that their security is fully ensured. The v6 contracts have been self-destructed, rendering them inaccessible to potential attackers.
