#SCAMalerts

🚨 Scam Alert: Unleash Protocol Hacked via Multisig for $3.9 Million

The Unleash Protocol project has been the victim of a serious attack. Hackers gained control of administrative functions and withdrew significant user funds.

🔍 What happened?

According to CertiK Alert analysts, the attackers exploited the protocol’s multisig vulnerability. This allowed them to:

• Gain administrator rights via a compromised address.

• Perform unauthorized updates to smart contracts.

• Withdraw assets including: WETH, USDC, WIP, stIP, and vIP.

💸 Where did the money go?

About 1,337 ETH (approximately $3.9 million) has already been transferred via the Tornado Cash mixer to cover up the tracks. The funds were withdrawn via third-party bridges to the hackers’ external wallets.

🛡 Team Response:

1. Operations Suspended: Unleash Protocol operations have been completely suspended to prevent further losses.

2. Investigation: The team has engaged independent cybersecurity and forensic experts.

3. Story Protocol Security: It is reported that Story Protocol contracts and infrastructure were not affected - the attack was solely aimed at Unleash.

⚠️ Important for users:

• DO NOT interact with Unleash Protocol smart contracts until an official security announcement is made.

• Only trust information from the project's official channels.

• Remember the DYOR rule (do your own research) before investing in DeFi protocols.