Solana-based Aurory exploited, 80% of liquidity lost

• Solana-based Aurory loses 80% liquidity in Camelot’s AURY-USDC pool.
• SyncSpace bridge hacked; $600k AURY withdrawn and market-sold on Arbitrum.
• Swift response disables SyncSpace, safeguarding user funds, with ongoing investigations.

In some disturbing crypto news, Aurory, a Solana-based gaming ecosystem, has fallen victim to a significant security breach resulting in an 80% loss of liquidity in its AURY-USDC pool.

The breach targeted the SyncSpace Aurory Bridge on Camelot’s native DEX Arbitrum, prompting a swift response from the project team. Here’s a breakdown of the incident and the measures being taken.

SyncSpace Aurory Bridge hack

The Aurory team detected suspicious activity on its marketplace, leading to the discovery of the exploit in the platform’s buy endpoint. The malicious actor managed to manipulate the SyncSpace Aurory bridge, boosting their $AURY balance and withdrawing approximately 600k tokens to the Arbitrum network. Subsequently, the attacker executed a market sell, liquidating the entire stolen amount.

To contain the breach, SyncSpace has been temporarily disabled for maintenance, freezing asset deposits and withdrawals. Fortunately, no user funds or NFTs are at risk, as the stolen $AURY originated from a team wallet designated for withdrawals by accounts without prior deposits.

The team acted swiftly to absorb sell pressure through their market maker and pool rebalancing, ensuring the exploiter has no remaining tokens to sell. Despite SyncSpace undergoing an audit months ago by a top-tier security firm, the breach raises questions about how this vulnerability eluded detection.

Just a few hours ago, our team detected unusual activity on our marketplace. After quickly investigating, we discovered that a bad actor was able to exploit our marketplace’s buy endpoint, allowing them to increase their $AURY balance in SyncSpace. This allowed them to withdraw…

— Aurory (Play Now) (@AuroryProject) December 17, 2023

Impact on AURY token

In response to the breach, the AURY token experienced a 17% drop to $1.17, recovering some value later. The team is diligently buying back tokens as investigations proceed.

Some tokens belonging to the team were stolen and instantly sold, we've been buying back the tokens as we're investigating what happened

— Tim | (@droowgs) December 17, 2023

The incident has fueled discussions within the crypto community about the security of decentralized ecosystems.

The Aurory team assures users that a detailed post-mortem analysis will follow once the fix is complete and investigations conclude. SyncSpace is expected to be back online in the coming days, with plans for an Amber patch announcement and an end-of-year event for Seekers of Tokane.