New zkSync-based decentralized exchange Merlin was seemingly exploited for over $1.1 million this morning during a public sale of its mage (MAGE) tokens.
Exploiters drained some $850,000 worth of USD Coin (USDC) from Merlin on Wednesday morning, with some more relatively illiquid tokens drained. As such, blockchain veri suggested that some entity with control of the liquidity pool was able to drain the funds easily – meaning this was not a complex or sophisticated exploit.
The attack occurred despite Merlin sporting an audit conducted by blockchain security firm CertiK. “No Critical Findings,” the audit concluded, as CertiK’s website veri shows.
Merlin was offering its mage tokens in a public sale to investors in a three-day event without any hard cap. “$MAGE will begin trading at $45, with a $850K market value. The total amount raised will determine the final price of tokens for all users,” developers said Tuesday.
Merlin developers did not issue any statement regarding the funds drain as of Asian morning hours on Wednesday.
Recommended for you:
- Diana Biggs: Building Early-Stage Ventures in Web3
- SEC to Make It Harder for Hedge Funds to Work With Crypto Firms: Bloomberg
- Tron Founder Justin Sun Reportedly Lost His Diplomatic Status
- Join the Most Important Conversation in Crypto and Web3 in Austin, Texas April 26-28
(This is a developing story.)