zkSync DEX Merlin Suffers $1.82 Million Loss in Recent Hack

No Comments

A recent hack on the Merlin DEX, a decentralized exchange operating on the zkSync layer 2 solutions, has resulted in a staggering loss of $1.82 million and drained liquidity provider funds. This unfortunate event was a result of hackers exploiting a vulnerability in the platform’s smart contract, allowing them to manipulate LP tokens and drain funds. In response to the hack, Merlin has issued a developer announcement requesting that all users revoke connected site access from their wallets and sign permission as a precautionary measure.

It is worth noting that Merlin recently underwent a CertiK audit, launched its public sale on April 25th, and has already fallen victim to hackers in less than 24 hours. The team at Merlin has promptly advised users to revoke their approval of the smart contract and is currently investigating the incident. Reports indicate that the stolen funds on the platform are associated with two wallet addresses, with the cybercriminals laundering the stolen money by transferring it to Ethereum (ETH).

CertiK, a blockchain security firm, has announced that it is investigating the recent hack of the Merlin DEX. According to CertiK’s initial findings, the root cause of the issue may be related to a private key management problem rather than an exploit. Although audits cannot prevent such private key issues, CertiK aims to try to mitigate potential risks. The firm has stated that it will work with the appropriate authorities and share relevant information should any foul play be discovered.

This recent hack on the DEX Merlin platform has been a stark reminder of the risks involved in the cryptocurrency industry. The ongoing investigation by CertiK and Merlin’s prompt response to the hack are encouraging signs that the industry is taking security seriously. However, it is clear that there is still much work to be done to ensure that users’ funds and assets are protected. While the decentralized nature of DeFi offers many advantages, it also makes it vulnerable to malicious actors looking to exploit vulnerabilities in the system, making it crucial for all participants to remain vigilant and implement the best practices for security.