{"id":7758,"date":"2022-10-11T18:38:46","date_gmt":"2022-10-11T18:38:46","guid":{"rendered":"https:\/\/cryptoheretostay.com\/?p=7758"},"modified":"2022-10-11T18:38:46","modified_gmt":"2022-10-11T18:38:46","slug":"paraswap-investigating-possible-private-key-hack","status":"publish","type":"post","link":"https:\/\/cryptoheretostay.com\/?p=7758","title":{"rendered":"ParaSwap \u201cInvestigating\u201d Possible Private Key Hack"},"content":{"rendered":"<p> <script type=\"text\/javascript\">\r\namzn_assoc_placement = \"adunit0\";\r\namzn_assoc_tracking_id = \"totafreearti-20\";\r\namzn_assoc_ad_mode = \"search\";\r\namzn_assoc_ad_type = \"smart\";\r\namzn_assoc_marketplace = \"amazon\";\r\namzn_assoc_region = \"US\";\r\namzn_assoc_default_search_phrase = \"crypto\";\r\namzn_assoc_default_category = \"All\";\r\namzn_assoc_search_bar = \"false\";\r\namzn_assoc_title = \"\";\r\namzn_assoc_rows =\"1\";\r\n<\/script>\r\n<script src=\"\/\/z-na.amazon-adsystem.com\/widgets\/onejs?MarketPlace=US\"><\/script><br \/>\n<\/p>\n<p>Share this article<\/p>\n<p>ParaSwap confirmed it was investigating the incident.\u00a0<\/p>\n<h2>ParaSwap \u201cInvestigating\u201d Address Issue\u00a0<\/h2>\n<p>ParaSwap may have suffered a hack, blockchain security firm Supremacy Inc. has reported.\u00a0<\/p>\n<p lang=\"en\" dir=\"ltr\">1\/ Hi @paraswap ,I heard that you want to see this? your deployer address private key may have been compromised (possibly due to Profanity vulnerability) and funds have been stolen on multiple chains.https:\/\/t.co\/ijHaTwAj0l<\/p>\n<p>\u2014 Supremacy Inc. (@Supremacy_CA) October 11, 2022<\/p>\n<p>Supermacy Inc. first alerted ParaSwap to an issue in a Tuesday tweet storm. \u201cYour deployer address private key may have been compromised (possibly due to Profanity vulnerability),\u201d the warning read. \u201cFunds have been stolen on multiple chains.\u201d\u00a0<\/p>\n<p>ParaSwap was quick to respond to the posts, confirming that it was looking into the incident. \u201cWe\u2019re investigating, but the address has no power after the deployment. Just paid the gas and retired. Profanity addresses usually have trailing zeros,\u201d the team wrote.\u00a0<\/p>\n<p>Supremacy Inc. included an Etherscan link to ParaSwap\u2019s deployer contract address. The wallet\u2019s transaction history shows that someone with access to its private key made several transfers across Ethereum, BNB Chain, and Fantom earlier this morning, though they only withdrew a few hundred dollars in each transaction. Notably, the ParaSwap team did not confirm that it made the transactions in its response, nor did it deny any vulnerability.\u00a0<\/p>\n<p>Several members of the crypto community weighed in on Supremacy Inc.\u2019s post shortly after it went live. \u201cStill not as bad PR as the airdrop,\u201d said <em>UpOnly<\/em> co-host Cobie, referring to ParaSwap\u2019s divisive 2021 token airdrop, which used a strict distribution model that excluded many loyal users. PSP suffered shortly after the airdrop and never recovered; per CoinGecko data, it\u2019s about 98.8% short of its all-time high today.\u00a0<\/p>\n<p>Update: In a follow-up tweet, ParaSwap said that it had found no sign of an exploit. \u201cNo vulnerability found! We\u2019ll follow up with analysis &amp; an explanation of what\u2019s a deployer address and how we made sure they have no power at all!\u201d<\/p>\n<p><em>Editor\u2019s note: An earlier version of this article incorrectly stated that ParaSwap\u2019s contract address held 1.8 billion PSP tokens. It\u2019s since been updated.\u00a0<\/em><\/p>\n<p><em>Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.\u00a0<\/em><\/p>\n<p>Share this article<\/p>\n<p>The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.<\/p>\n<p>You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.<\/p>\n<p>See full terms and conditions.<\/p>\n<p><script type=\"text\/javascript\">\r\namzn_assoc_placement = \"adunit0\";\r\namzn_assoc_tracking_id = \"totafreearti-20\";\r\namzn_assoc_ad_mode = \"search\";\r\namzn_assoc_ad_type = \"smart\";\r\namzn_assoc_marketplace = \"amazon\";\r\namzn_assoc_region = \"US\";\r\namzn_assoc_default_search_phrase = \"bitcoin\";\r\namzn_assoc_default_category = \"All\";\r\namzn_assoc_search_bar = \"false\";\r\namzn_assoc_title = \"\";\r\namzn_assoc_rows =\"1\";\r\n<\/script>\r\n<script src=\"\/\/z-na.amazon-adsystem.com\/widgets\/onejs?MarketPlace=US\"><\/script><br \/>\n<br \/><a href=\"https:\/\/cryptobriefing.com\/paraswap-investigating-possible-private-key-hack\/?utm_source=category_feed&#038;utm_medium=rss\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Share this article ParaSwap confirmed it was investigating the incident.\u00a0 ParaSwap \u201cInvestigating\u201d Address Issue\u00a0 ParaSwap may have suffered a hack, blockchain security firm Supremacy Inc. has reported.\u00a0 1\/ Hi @paraswap ,I heard that you want to see this? your deployer address private key may have been compromised (possibly due to Profanity vulnerability) and funds have [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":7759,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[4],"tags":[],"class_list":["post-7758","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-market-news"],"_links":{"self":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7758","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7758"}],"version-history":[{"count":1,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7758\/revisions"}],"predecessor-version":[{"id":7760,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7758\/revisions\/7760"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/media\/7759"}],"wp:attachment":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7758"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7758"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}