Trader Joe and SpookySwap Front-End Attacks: Users Advised to Halt Transactions
Trader Joe and SpookySwap Front-End Attacks
Update:
On the morning of November 18, SpookySwap, a DEX on the Fantom network, also reported a front-end attack and urged users to cease interactions and usage of the platform.
The Spooky team is currently investigating a frontend vulnerability on our domain 😿
— SpookySwap (@SpookySwap) November 18, 2023
Please do not execute any transactions on the DEX! 🚨
We'll keep our community updated here, on Discord and Telegram when the issue has been resolved 💜
Original Article:
In an announcement early on November 18, Trader Joe, the leading DEX on Avalanche, revealed that its front-end had been compromised by malicious actors who inserted phishing links to redirect users to a malicious smart contract.
After receiving reports from users about transactions being directed to unfamiliar smart contract addresses, the Trader Joe team promptly investigated and confirmed the front-end breach.
🚨 Important Security Alert
— Trader Joe (@TraderJoe_xyz) November 17, 2023
We have been alerted to a possible vulnerability in our frontend interface. Our team is conducting an immediate and thorough investigation.
We strongly advise all users to refrain from trading and from executing any transactions on the Trader Joe…
Approximately 100 users across all supported chains, including Avalanche, Arbitrum, BNB Chain, and Ethereum, were affected by the attack. Trader Joe has urged affected users to contact their support team for assistance.
Trader Joe advised all users to halt transactions via the platform's front-end and revoke previously granted wallet permissions across all chains.
By around 08:30 AM on November 18 (Vietnam time), Trader Joe announced that the issue had been resolved and confirmed that trading, staking, lending, and liquidity provision could proceed as usual from the front-end.
🚨 Further Update: Frontend Restored 👍
— Trader Joe (@TraderJoe_xyz) November 18, 2023
Following investigation and removal of the vulnerable 3rd party analytics code, the frontend has now been restored and it is marked safe to use for all activities such as trading, liquidity, staking, lending and more.
There are no other… https://t.co/bjkeog756u pic.twitter.com/MzLiFdG9bH
The attack stemmed from a vulnerability in a third-party plugin. Trader Joe has since removed this plugin and assured that no external organization’s code is integrated into their system.
The price of Trader Joe’s native token, JOE, has dropped by more than 13% at the time of writing. However, this might be a market correction, as JOE had surged over 75% since the beginning of November.
Image: 4-hour chart of the JOE/USDT pair on Binance as of 09:00 AM on November 18, 2023
Trader Joe is the largest DEX on Avalanche, with a TVL of over 115 million USD at the time of writing. Despite expanding to other blockchains in 2023 to attract more users, Avalanche remains Trader Joe's primary chain with 77.6 million USD TVL, followed by Arbitrum with 35.9 million USD, while BNB Chain and Ethereum have 1.3 million USD and 1 million USD TVL, respectively.
Image: TVL fluctuation of Trader Joe. Source: DefiLlama (November 18, 2023)
This front-end phishing attack is the latest in a series of similar incidents in the cryptocurrency industry. Such attacks have become more frequent in 2023, targeting prominent DeFi names like Balancer, Galxe, Celer Network, and even Ethereum co-founder Vitalik Buterin.
