The recent cyber attack on the SUPER SUSHI SAMURAI blockchain game, operated through the Blast platform and accessible on Telegram, has resulted in a loss of $4.6 million. The funds were taken by a White hacker, who claimed that the breach was intended to safeguard users.
Following the breach, Super Sushi Samurai (SSS) made a announcement regarding the incident and initiated an investigation. Subsequently, it was discovered that the White hacker exploited a vulnerability to shift the funds in order to protect users, and urged the developers to reach out to him.
The developer of Coffee smart contracts at Yuga Labs disclosed that the loophole enabling users to double their tokens upon withdrawal from the game’s balance was the root cause of the breach. Capitalizing on this flaw, the White hacker drained the liquid pools on decentralized exchanges by converting the game tokens into 1,310 WETH, equivalent to $4.6 million.
After negotiations with the hacker, Super Sushi Samurai decided to hire the White hacker as a technical consultant. Additionally, the hacker was compensated with a 5% reward of the embezzled amount, along with an extra 2.5% in SSS tokens.