Rabby Wallet exploit prompts users to revoke access

Quick Take

  • An exploited Rabby Swap smart contract caused some users to lose funds as wallets were drained.

  • The full extent of the exploit remains unknown, and users are highly recommended to use access revoking tools to ensure safety.




Ethereum wallet service Rabby has reported an exploit in its smart contract for its Rabby Swap feature.

The full extent of the exploit remains unknown. However, users have reported the draining of funds from wallets. Rabby recommended that users revoke all existing approvals on all chains using the wallet provider’s settings, according to a thread on Twitter.

"If you have used it, please revoke all existing approvals on all chains for Rabby Swap. For those who haven't used Swap, your wallet is safe and unaffected. We are actively working to solve it and we will keep you updated," the project's team said.

The exploit occurred less than a month after Rabby Swap, a token exchange feature designed to optimize liquidity from numerous sources, went live on Sept. 14. Blockchain security firm PeckShield had previously conducted an audit of the Rabby Router smart contract that enables the swap feature.

Rabby Wallet did not immediately respond to The Block’s request for comment. 

This is a developing story.


© 2022 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.