The Solana-based gaming ecosystem, Aurory, encountered a breach on December 17, causing a significant plunge in liquidity by almost 80% within the AURY-USDC pool on the decentralized exchange (DEX) Carmelot.
Reports, although unconfirmed, suggested that the breach led to approximately $312,000 in losses. SyncSpace, serving as a bridge to Aurory, facilitates users in switching between on-chain and off-chain projects via a single transaction. This functionality allows assets originally existing off-chain in the game to transition onto the blockchain if users opt to desynchronize.
In a blog post from October 2022 introducing SyncSpace, the Aurory team contended that cross-SyncSpace hacking was implausible due to the requirement of asset signing during Sync/DeSync processes.
In a post on X (formerly Twitter), Aurory team member Tim disclosed that tokens owned by the team were stolen and swiftly sold off. Tim mentioned ongoing efforts to repurchase tokens while conducting a thorough investigation, promising to release a detailed post-mortem once the audit concludes. As of the latest update, AURY is trading at $1.23, marking an 11% decrease in value over the past 24 hours, following the attack that drove the coin's price down to $1.13. A user shared concerns, noting, "Exploiter Oppenheimer charted the bottom buyers doing 5x on $45m, and now the entire pool is collapsed with very little liquidity."
Over the weekend, the crypto industry witnessed additional security incidents. On December 16, two outdated smart contracts of the trading platform NFT Trade experienced attacks, resulting in the theft of nearly $3 million worth of non-fungible tokens (NFTs). Following negotiations, a substantial portion of the tokens was returned after paying a 10% bounty to the attacker.
