Unizen

Quick Summary

DeFi protocol Unizen suffered a $2.1 million exploit, prompting the immediate reimbursement of affected users. The exploit
involved a compromised platform and the draining of user funds, leading to significant financial losses.




Details of the Exploit

On March 9th, blockchain analytics firm PeckShield identified an "approve issue" with Unizen, resulting in over $2 million being
drained from the platform. The attacker exchanged Tether (USDT) for Dai (DAI), causing substantial losses. Unizen quickly
initiated bounty negotiations with the hacker and began collaborating with law enforcement and forensic experts to identify the
perpetrator. Despite ongoing negotiations, Unizen promptly refunded 99% of affected users, with refunds starting on March 11th.
CEO Sean Noga loaned funds to facilitate the reimbursement process, with users who lost below $750,000 receiving refunds in USDT
or USD Coin (USDC).




Block Data Reference

Vulnerable contract created:

https://etherscan.io/tx/0x858c71876a5ad43ffe27f227ad01979f3bd5de95e66194e98cea41f53a43ef59