The Bitcoin re-staking protocol Bedrock suffered a cyberattack in which hackers exploited a vulnerability in the synthetic token uniBTC, stealing assets worth $2 million.
⚠️Important Announcement from the Bedrock Team
— Bedrock | Bitcoin Restaking LIVE (@Bedrock_DeFi) September 27, 2024
We want to inform you that the Bedrock team is aware of a security exploit involving uniBTC. The issue has been handled and funds are SAFU.
We want to reassure everyone that the underlying wrapped BTCs and BTCs in reserves are…
On September 27, the Bedrock team announced that the vulnerability had been identified and fixed, assuring users that their funds were secure. The bulk of the attack targeted decentralized exchange (DEX) liquidity pools, and interactions with the uniBTC contract have been temporarily halted.
“The root cause of the exploit has been identified, and we are taking steps to address it. A comprehensive reimbursement plan is nearing completion and will be published soon along with an incident report,” the statement said.
Recovery Measures and Auditor Cooperation
The Bedrock team is actively working with auditing groups and white-hat hackers to recover the stolen funds and plans to release a report confirming reserves. The developers emphasized that no further action is required from users as all their assets are secure.
“At this point, no additional actions are required from our community. Rest assured that all uniBTC held by users is safe,” Bedrock representatives reassured.
Earlier, the Telegram bot team Banana Gun confirmed their intention to reimburse users for $3 million in losses after a similar attack. According to Immunefi, cryptocurrency companies faced 34 incidents of hacking and fraud in the third quarter of 2023, resulting in a total loss of over $413 million.