A cybercriminal initiated the process of depleting user funds on May 14 via the decentralized exchange (DEX) known as Equalizer. The unauthorized use of funds only became evident when the Equalizer team issued a cautionary statement to users, advising them to cease all interactions with the exchange, as seen in a post on X.
As of now, the hacker has successfully drained approximately 2,353 Equalizer (EQUAL) tokens and various other tokens from users. Although the stolen tokens hold minimal value, the hacker’s strategy of conducting numerous small transactions allowed them to clandestinely siphon user funds without arousing suspicion.
Source:
Equalizer
The hacker’s wallet address was established 222 days ago and is still receiving the stolen user funds.
The theft commenced with the withdrawal of 2,500 SpookySwap liquidity tokens (spLP) at approximately 4:10 am UTC on May 14. This initial act paved the way for the hacker to pilfer additional tokens from users.
To date, the total number of tokens drained includes:
– 2,353 EQUAL tokens across five transactions
– 510,579 FantomStarter (FS) tokens
– 2,500 spLP tokens
– 6 million AnyInu (AI) tokens
– 985,565 ChillPill (CHILL) tokens
– 50,000 WigoSwap (WIGO) tokens
– 25 multiDEUS (DEUS) tokens
Consequently, the price of the EQUAL token has plummeted by nearly 11% within the day, reaching around $8.90.
Adding insult to injury, a fraudster proceeded to create a counterfeit Equalizer X account and posted instructions on how affected users could file for a refund.
Source:
Equalizer
It remains uncertain whether all the tokens were drained exclusively through the Equalizer DEX, but the Equalizer team is currently conducting an investigation into the exploit.
Through the Equalizer Discord channel, the team released a precautionary measure for users to prevent further loss of funds.
Source:
Equalizer
A member of the Equalizer Discord community, known as “543,” reassured users that they are safe if they have not interacted with Equalizer Websites in the past six hours. However, for users who have engaged with the websites during this time frame, “543” advised them to “revoke all your approvals made during this time.”
Discord user “543” alerting users about revoking approvals.
Source: Equalizer Discord channel
The team is actively “working on restoring the main website” and has advised users to refrain from utilizing the main website until it is updated.