Cross-chain liquidity protocol CrossCurve suffered a smart contract vulnerability attack, resulting in the theft of approximately $3 million.

02-02

This article is machine translated

Show original

ChainCatcher reports that, according to The Block, the cross-chain liquidity protocol CrossCurve (formerly EYWA) has confirmed that its cross-chain bridge protocol is "under attack" due to a vulnerability in its smart contract being exploited, resulting in the theft of approximately $3 million across multiple networks. Blockchain security firm Defimon Alerts discovered that the attack exploited a gateway verification bypass vulnerability in CrossCurve's ReceiverAxelar contract.

Analysis shows that anyone can use forged cross-chain messages to invoke the contract's expressExecute function, thereby bypassing expected gateway verification and triggering unauthorized token unlocking on the PortalV2 protocol contract. The protocol is backed by Curve Finance founder Michael Egorov and has previously raised $7 million.

Sector:

AMM

DeFi

Governance

Source

Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.

Add to Favorites

Comments

Relevant content

ME News

Breaking News! The Year of China's RWA: A Compliant Channel Opens for Trillions of Yuan in Domestic Assets to Go Global

BlockTempo

Arthur Hayes speculates that the reason for the BTC crash is "institutional hedging operations": IBIT options saw a surge of $900 million.

BTC

1.17%

The Defiant

Bitcoin Selloff Sparks Hedge Fund Speculation Around BlackRock ETF

BTC

1.17%