Posted:
- Trader Joe, a popular DEX on Avalanche, experienced a security threat.
- Even though the team was quick to resolve the issues, DEX volumes and prices were impacted.
Trader Joe, one of the largest DEX’s on the Avalanche[AVAX] network, recently faced some issues related to security.
Some threats
Trader Joe faced a security threat when attackers replaced the contract address with a fake one. This phishing attempt could have tricked users into sending tokens to the wrong place.
Phishing, in this context, is a trick where attackers try to deceive users by replacing the real address of a platform with a fake one.
It’s a sneaky attempt to make users send their tokens to the wrong place, putting their assets at risk.
In the case of Trader Joe, the team quickly caught this phishing attempt and took action to protect users from falling into the trap.
🚨 Update
Our team’s preliminary analysis identified a potential exploit in a 3rd party analytics plugin hacked JavaScript code used by our frontend.
We’ve taken immediate action on this finding and the code has been removed, and our host remains secure with no other… https://t.co/hJBRyOF5gW
— Trader Joe (@TraderJoe_xyz) November 18, 2023
A quick recovery
The team quickly spotted the issue and removed the harmful code to protect the users. Some users reported problems with token swaps, affecting about 100 people across different blockchains like Avalanche, Arbitrum, BNB, and Ethereum.
The good news is that this didn’t directly impact important actions like liquidity transactions, lending, or staking.
As they dug deeper, the team discovered a potential exploit in a 3rd party analytics plugin’s JavaScript code used on their website. This code was promptly removed to prevent further risks.
Despite the security issue, Trader Joe is now safe for trading, liquidity, staking, lending, and more. The team stressed that there are no external integrations or third-party solutions, enhancing user security.
🚨 Further Update: Frontend Restored 👍
Following investigation and removal of the vulnerable 3rd party analytics code, the frontend has now been restored and it is marked safe to use for all activities such as trading, liquidity, staking, lending and more.
There are no other… https://t.co/bjkeog756u pic.twitter.com/MzLiFdG9bH
— Trader Joe (@TraderJoe_xyz) November 18, 2023
Realistic or not, here’s AVAX’s market cap in BTC terms
Due to these factors, there was a slight dip in the overall DEX volumes on the Avalanche network. Coupled with that the TVL on Avalanche also fell.
AVAX was also caught in the crossfire. The price of the token fell by 4.41% in the last 24 hours. However, the correction wasn’t enough to establish a trend.