A hacker exploited a flaw in the trading reward contract of ApolloX, a crypto derivatives exchange, to amass over 53 million APX tokens.
NOTE: There is no loss of users’ funds.
We have changed the truth holder of the staking contract. ApolloX team also made an emergency repurchase of 12,748,585 APX tokens. The lost tokens will be made up for via APX earned from exchange trading fees.
— ApolloX (@ApolloX_com) June 9, 2022
The hacker accumulated 255 signatures and utilized them to withdraw 53 million APX tokens from the withdrawal contract. The estimated loss is around $2.1 million at the time of writing. The attack happened precisely on June 8 around 11:20 AM UTC.
The ApolloX team immediately halted the withdrawal function on DEX after the attack. They also announced that a detailed investigation report would be put on official channels. The team announced that to make up for the losses, the team will repurchase via APX earned from trading fees.
The team has now released another update stating they have changed the truth holder of the staking contract. The ApolloX team noted that there was no loss of funds to the users. As promised, the team also purchased 12,748,585 APX tokens as an emergency response.
The ApolloX token also plummeted by 60% following the exploit. The attack happened on the same day that ApolloX completed a seed funding round for an amount that is undisclosed at the moment. Notable investors include Binance Labs and Kronos Research.
Crypto scams are rising as attackers try to cash in on every possible loophole. Even when the platforms are trying to fix up their security protocols, attackers are trying to hop on to find out any further loopholes to carry out their attacks.