CAT Protocol Resolves Exploit Attempt Without User Losses

Swift action by CAT Protocol team prevents major damage after discovery of 1.2M unauthorized OPCAT tokens, with enhanced security measures now in place.

Temitope Olatunji By Temitope Olatunji Marco T. Lanz Edited by Marco T. Lanz Updated 3 mins read
CAT Protocol Resolves Exploit Attempt Without User Losses

Key Notes

  • CAT Protocol responded to an exploit involving the creation and sale of unauthorized OPCAT tokens.
  • Community reports led to the discovery of a vulnerability exploited to generate 1.2 million fraudulent tokens.
  • Trading of OPCAT tokens was paused, and a hotfix was deployed to prevent further inflation.

The CAT Protocol team recently addressed an exploit that allowed an unknown actor to create and sell unauthorized OPCAT tokens. Despite the severity of the issue, swift action and robust measures ensured that no user funds were lost, and the protocol remains secure.

On January 12, community members reported a suspicious wallet that had been consistently selling 50,000 OPCAT tokens daily since December 15. Upon receiving the information, the team quickly looked into the situation and identified a vulnerability exploited by the bad actor. It was revealed that 1.2 million tokens had been fraudulently generated and sold, leading to a decline in the token’s market price.

To address the issue, the CAT Protocol team immediately paused all OPCAT trading on exchanges and implemented a hotfix to prevent further token inflation. Working alongside their security partner, SlowMist, they also took steps to safeguard against future attempts.

To rectify the economic impact, the team bought 1.2 million tokens, which will be burned to maintain the total supply of 21 million OPCAT tokens. This approach ensures fairness and stability without affecting user balances. The team stated:

“To compensate users who have accidentally bought these inflated tokens, we have purchased 1.2M tokens, which will be burned to ensure the total circulating supply remains exactly 21M. Users’ balances will not be affected and no further action is required.”

Enhanced Security Measures and Ongoing Investigation

CAT Protocol informed users that it is implementing enhanced security measures to prevent similar issues in the future. The team is also collaborating with top security experts to review the system and address potential vulnerabilities, ensuring a safer and more reliable protocol.

The investigation into the exploit is ongoing, with critical clues already gathered. The team is working with SlowMist and law enforcement agencies to hold those responsible accountable. They encourage individuals who discover vulnerabilities to report them responsibly instead of exploiting them. CAT Protocol wrote:

“We are aware of your actions and have gathered critical clues about the attempted exploit. We are collaborating with leading security firms such as SlowMist Team and law enforcement agencies to trace and hold those responsible accountable. If your intent was to expose a vulnerability, we encourage you to engage responsibly and ethically.”

SlowMist confirmed the exploit on its X page, stating that CAT Protocol had suffered an attack due to a vulnerability. However, it intervened to mitigate the impact and assisted with the investigation, including profiling the attacker.

UniSat, a Bitcoin service provider, acknowledged the issue identified by the CAT Protocol team. Following the team’s recommendation, UniSat has partially reopened the CAT20 market, allowing sell orders while temporarily restricting new buy orders. Users are strongly encouraged to cancel any existing buy orders due to potential risks.

Temitope Olatunji

Temitope is a writer with more than four years of experience writing across various niches. He has a special interest in the fintech and blockchain spaces and enjoy writing articles in those areas. He holds bachelor's and master's degrees in linguistics. When not writing, he trades forex and plays video games. 

Temitope Olatunji on X