Socket.Tech Security Breach Results in $3.3M Loss

Approximately 700 users affected in exploit targeting the Bungee Exchange; operations restored after six-hour pause.

Socket.Tech, a cross-chain infrastructure protocol, suffered a security breach on January 16, affecting various Web3 apps and resulting in a loss of about $3.3 million.
The attack targeted the Bungee Exchange, a frontend to the Socket Protocol, exploiting a vulnerability in the SocketGateway part of the system.
Approximately 700 users who interacted with a vulnerable bridging route added to the protocol in recent days were affected, with the worst hit wallet seeing $656,000 USDC drained.
Operations were paused to prevent further exploitation and service to the protocol was restored after about 6 hours.
Socket developers have promised a full post-mortem analysis and are working on plans for compensation.