header banner

A hack of the Telegram-based cryptocurrency trading bot Unibot causes a 40% drop in token value

Table of Contents
    Source: AdobeStock / Sergey Nivens

    Telegram-based crypto trading bot Unibot is suspected of being hacked as users of the trading bot try to move their funds off the platform.

    The Unibot platform facilitates users in connecting their wallets to the decentralized exchange Uniswap, allowing them to trade tokens using Telegram-based tools, much like sending messages on the popular messaging app.

    .@TeamUnibot seems exploited, the exploiter transfers memecooins from #unibot users and is exchanging them for the $ETH right now.

    The current exploit size is ~$560K

    Exploiter address:https://t.co/ysyTmgUAit pic.twitter.com/MF85Fdk892

    — Scopescan (🪬 . 🪬) (@0xScopescan) October 31, 2023

    As per etherscan data, the exploiter seems to be moving users’ crypto and trading them for ETH.

    Unibot attacker received 1 ETH as gas fee from FixedFloat coin mixer one week after the crypto trading bot was launched, Scopescan revealed.

    Onchain analytics account Lookonchain reported that so far the exploiter has stolen over $600,000.

    A hacker attacked @TeamUnibot and is stealing the assets of users.

    As of now, the stolen assets have exceeded $600K.

    If you use #Unibot, please move your funds to other wallets or revoke approvals of the contract as soon as possible.

    0x126c9FbaB3A2FCA24eDfd17322E71a5e36E91865 pic.twitter.com/ioObZ3WAyR

    — Lookonchain (@lookonchain) October 31, 2023

    Beosin Alert reported that the root cause of the hack is CAll injection, where an attacker can pass custom malicious calldata into the 0xb2bd16ab() method to transfer tokens approved to Unibot contracts.

    The price of the token crypto trading bot, UNIBOT, crashed over 40% on the reports of being hacked.

    At the time of writing, UNIBOT is trading at $36.45, as per Coingecko data.

    The team behind the crypto trading bot platform confirmed the attack on social media platform X, saying that they experienced a token approval exploit from their new router and have paused the router to contain the issue.

    We experienced a token approval exploit from our new router and have paused our router to contain the issue.

    Any funds lost due to the bug on our new router will be compensated. Your keys and wallets are safe.

    We will release a detailed response after investigations conclude.

    — Unibot (@TeamUnibot) October 31, 2023

    The team also confirmed that any funds lost due to the bug on the new router will be compensated. Users’ keys and wallets are safe, it added.

    Enter your email for our Free Daily Newsletter

    A quick 3min read about today's crypto news!


    Article information

    Author: Michele Ellis

    Last Updated: 1700166003

    Views: 877

    Rating: 3.7 / 5 (60 voted)

    Reviews: 90% of readers found this page helpful

    Author information

    Name: Michele Ellis

    Birthday: 1914-05-07

    Address: 87954 Jackie Trace, Christopherfurt, AR 36313

    Phone: +3965269612732672

    Job: Phlebotomist

    Hobby: Metalworking, Video Editing, Cross-Stitching, Arduino, Bird Watching, Card Games, Animation

    Introduction: My name is Michele Ellis, I am a skilled, fearless, treasured, audacious, frank, multicolored, unswerving person who loves writing and wants to share my knowledge and understanding with you.