Analysts at blockchain security firm Blockaid have reported that Ambient Finance, a decentralized cryptocurrency exchange formerly known as CrocSwap, has allegedly been targeted by hackers in a front-end attack. The breach, which allows malicious code to be embedded on the platform, was highlighted in an X post by Blockaid on October 17.
Following the revelation, the Ambient Finance team confirmed the incident on their Discord server, stating they are currently “investigating” the matter. The full extent of the attack remains unclear, and it is uncertain whether any users have been affected. Users are advised to avoid interacting with the site, as hackers may exploit vulnerabilities to access funds.
Blockaid noted that the attackers are using the Inferno Drainer kit and have established a command-and-control server specifically for this attack.
This incident comes shortly after Radiant Capital, a decentralized finance project built on LayerZero, reported losses exceeding $50 million due to an attack by unknown individuals. A web3 security startup, Ancilia, suggested that the hack likely originated from a backdoor contract deployed on the BNB Chain (formerly Binance Smart Chain) network.
Founded in 2021, Ambient Finance raised over $6 million in a seed round in 2023, achieving a valuation of $80 million. The funding round was led by Blocktower and saw participation from prominent investors including Jane Street, Circle, Tensai Capital, Naval Ravikant, Yunt Capital, Susa Ventures, Quantstamp, and Hypotenuse Labs.
