Telegram-based crypto trading bot Unibot is suspected to have been hacked, and users are attempting to withdraw their funds from the platform. Unibot allows users to connect their wallets to the decentralized exchange Uniswap, enabling them to trade tokens using Telegram-based tools. Trading this way works much like sending messages on a popular messaging app.
According to Etherscan data, the exploiter appears to be transferring users’ crypto assets and exchanging them for Ethereum (ETH). Scopescan revealed that the Unibot attacker received 1 ETH as a gas fee from the FixedFloat coin mixer a week after the launch of the crypto trading bot. As reported by on-chain analytics account Lookonchain, the attacker has successfully stolen over $600,000 so far.
The Root Cause of the Hack
Beosin Alert has stated that the hack’s root cause is call injection, a technique that allows an attacker to pass custom malicious calldata into the 0xb2bd16ab() method. This method is used to transfer tokens approved to Unibot contracts.
The UNIBOT token, which powers the crypto trading bot, dropped in price by over 40% following reports of the hack. According to CoinGecko data, UNIBOT is currently trading at $36.45.
The team behind the Unibot platform took to social media platform X to confirm the attack. They stated that they had encountered a token approval exploit from their new router and subsequently paused the router to contain the issue. The team assured users that any funds lost as a result of the bug on the new router would be reimbursed. Additionally, they emphasized that users’ keys and wallets remained secure.
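Because the exploit moved tokens that users had approved to Unibot contracts, a defender's first check is which approvals to the affected router are still open. The following is an added example, not code from Unibot or Beosin: it replays standard ERC-20 Approval event logs to list non-zero allowances for a spender. The router address, wallets, tokens and logs are all constructed placeholders.

```python
# Added example: replay ERC-20 Approval logs to list allowances still open to a spender.
# Every address and log below is constructed for illustration.

# keccak256("Approval(address,address,uint256)"): topic0 of the ERC-20 Approval event
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1

ROUTER = "0x" + "aa" * 20   # placeholder: the affected router's address is not on the page
OTHER = "0x" + "bb" * 20    # unrelated spender
WALLET_1, WALLET_2 = "0x" + "11" * 20, "0x" + "22" * 20
TOKEN_A, TOKEN_B = "0x" + "a1" * 20, "0x" + "b2" * 20

def make_log(token, owner, spender, amount, block, index):
    """Build a constructed log in the shape eth_getLogs returns."""
    pad = lambda addr: "0x" + "00" * 12 + addr[2:]
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(amount, "064x"), "blockNumber": block, "logIndex": index}

SAMPLE_LOGS = [
    make_log(TOKEN_A, WALLET_2, ROUTER, 0, 105, 0),            # revocation
    make_log(TOKEN_A, WALLET_1, ROUTER, MAX_UINT256, 100, 3),  # unlimited approval
    make_log(TOKEN_A, WALLET_2, ROUTER, 500, 101, 1),
    make_log(TOKEN_B, WALLET_1, OTHER, 1000, 102, 0),
    make_log(TOKEN_B, WALLET_2, ROUTER, 250, 103, 7),
]

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20."""
    return "0x" + topic[-40:].lower()

def open_allowances(logs, spender):
    """Return {(token, owner): last approved amount} for non-zero approvals to spender."""
    latest = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        # ERC-721 Approval shares topic0 but has 4 topics; skip it and anything else
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[2]) != spender.lower():
            continue
        latest[(log["address"].lower(), topic_to_address(topics[1]))] = int(log["data"], 16)
    # A later Approval of 0 is a revocation, so only non-zero entries remain exposed
    return {key: amount for key, amount in latest.items() if amount > 0}

if __name__ == "__main__":
    for (token, owner), amount in open_allowances(SAMPLE_LOGS, ROUTER).items():
        label = "unlimited" if amount == MAX_UINT256 else str(amount)
        print(f"{owner} -> token {token}: {label}")
```

Approval logs record the last value approved, not how much of it has since been spent, so each hit should be confirmed with the token's `allowance(owner, spender)` view before treating it as live exposure.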