On December 17th, the Solana-based gaming platform Aurory was hacked, resulting in a loss of nearly 80% of the liquidity in the AURY-USDC pool on the decentralized exchange Carmelot. The attack targeted Aurory’s SyncSpace bridge on Arbitrum, draining funds from the pool and reducing its value from $1.5 million to around $312,000.
SyncSpace acts as a bridge allowing users to move assets between on-chain and off-chain spaces. The Aurory team had previously claimed that cross-SyncSpace hacks were impossible due to the signature requirements for syncing/desyncing assets.
In the aftermath, Aurory team member Tim explained on Twitter that the attack had stolen and immediately sold tokens belonging to the team. Aurory has been buying back tokens as they investigate the exploit. They plan to release a full post-mortem after completing an audit.
At the time of writing, AURY was trading at $1.23, down 11% in 24 hours. The attack had briefly knocked the token price down to $1.13 before bottom buyers caused it to rebound sharply. The weekend also saw other crypto platforms like NFT Trade fall victim to exploits, highlighting lingering security issues in the space.
