Decentralized finance (DeFi) aggregator ParaSwap made a significant discovery regarding its recently launched Augustus v6 contract. The company detected a critical vulnerability that could have resulted in substantial financial losses. However, thanks to prompt action from white hat hackers, the funds were protected.

The ParaSwap Augustus v6 contract was designed to enhance swapping efficiency and reduce gas fees but inadvertently included the vulnerability that allowed hackers to drain approved funds. Upon discovering the issue, ParaSwap immediately paused the v6 application programming interface (API) and secured the affected users’ funds through a white hat hack. To prevent further losses, ParaSwap advised all users to revoke permissions to the Augustus v6 contract until the vulnerability was resolved.

Despite these precautions, the hacker managed to cash out approximately $24,000 from four different addresses. In total, 386 addresses were affected by the vulnerability, and ParaSwap urged users to report any unidentified losses.

To address the issue, ParaSwap deactivated support for the vulnerable v6 contract on its user interface (UI) and reverted to v5. The company assured users that all funds had been successfully recovered and promised to provide more details about the refund process soon. ParaSwap also recommended that affected users use exploit checker services to confirm their safety.

In other news, researchers from Salus Security found that generative artificial intelligence (AI) tools like ChatGPT-4 are proficient in generating code but lack reliability as security auditors. They discovered that ChatGPT had a high level of precision in detecting true positives, which are actual vulnerabilities outside of a testing environment. However, they emphasized the need for caution when relying solely on AI tools for security auditing.
ParaSwap successfully avoids being hacked by using a white hat hack to exploit the vulnerability in the Augustus v6 contract.