Sunray Finance Exploit

On May 14, 2025, the Equalizer decentralized exchange (DEX) was exploited by a hacker who drained user funds through a series of unauthorized transactions. The attack began around 4:10 am UTC with the theft of 2,500 SpookySwap liquidity tokens (spLP), followed by the siphoning of various other assets including 2,353 Equalizer (EQUAL), 510,579 FantomStarter (FS), 6 million AnyInu (AI), 985,565 ChillPill (CHILL), 50,000 WigoSwap (WIGO), and 25 multiDEUS (DEUS).

The hacker’s wallet, active for over 220 days, remained operational and continued to receive stolen funds. In response, the Equalizer team issued a warning on X, urging users to stop interacting with the platform and to revoke any approvals made within the previous six hours to limit further damage. Although the total value of the stolen tokens was relatively small, the attacker’s method of using low-value, small-scale transactions initially allowed them to evade detection.

The price of the EQUAL token dropped by 11%, falling to around $8.90 following the incident. Adding to the chaos, a scammer launched a fake Equalizer X account to trick affected users with fraudulent refund offers. This exploit underscores the persistent risks of unauthorized contract approvals in DeFi and the importance of cautious interaction with unfamiliar dApps or approval requests.