BlockSec: Two multi-chain contracts were attacked, resulting in losses exceeding $17 million. Attackers exploited an authorization vulnerability to transfer assets.

This article is machine translated

Show original

On January 26, BlockSec Phalcon reported that it had detected a series of suspicious transactions a few hours earlier. The attack targeted contracts deployed by two creators, involving Ethereum, Arbitrum, Base, and BSC, with total losses exceeding $17 million.

These compromised contracts were not open source and appeared to have arbitrary call capabilities. The attackers exploited existing token authorization to transfer and drain the contract's assets by executing `transferFrom`.

Affected contract deployers:

0xbeef63AE5a2102506e8a352a5bB32aA8B30B3112, with a loss of approximately $3.67 million; 0x9cb8d9BaE84830b7f5F11ee5048c04a80b8514BA, with a loss of approximately $13.41 million.

Sector:

Layer 2

Modular Blockchain

Rollups

Source

Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.

Add to Favorites

Comments

Relevant content

ODAILY

Nietzsche Penguin's 6000x growth in a week, Solana meme coin re-forges glory.

PENGUIN

20.62%

BeInCrypto Việt Nam

The risk of another US government shutdown is causing crypto market sentiment to plummet.

BTC

1.03%

All-in station

Another long-standing NFT project closes down due to challenging market conditions.