2月8日消息,CertiK Alert 报告检测到一起闪电贷攻击事件。攻击者利用未验证合约 0x2d70d62deb1cb9918ff6be7bb5d173e8cd4ad854 中未受保护的 depositBNB() 函数,将 226 个 BNB 兑换成 ADACash,并通过夹层交易获利。该攻击涉及金额约 10.8 万美元。 CertiK Alert 称,0x2d 地址相关资金疑似与2021年末至2022年初earnhubBSC的rug-pull事件有关。
The Hologram team confirms that the Holoworld AI X account has been compromised. Users are advised to be vigilant and not interact with the account.
According to security firm CertiK, @tonykebot took advantage of the lack of protection in UUPS implementation to implement a successful white hat rescue operation, returning the 1.47 million USDC obtained by the Moby hacker who had previously attacked the on-chain option agreement to the project owner.
CertiK Alert 于 X 发文表示,其监测到 Arbitrum 上的合约 0x9e34F79E39AddB64f4874203066fFDdD6Ab63a41 发生可疑交易。 大约 8 小时前,管理员和部署地址已更新,约 250 万美元的资产已被提取,其中包括 147 万枚 USDC、3.7 枚 WBTC 和 207 枚 WETH。
Web3 security company CertiK recently released the "Hack3d: 2024 Annual Security Report". The report shows that the total loss caused by security incidents in the Web3.0 field in 2024 exceeded 2.363 billion US dollars, an increase of 31.61% year-on-year. There were 760 security incidents in the year, of which phishing and private key leakage were the two main attack methods, causing losses of 1.05 billion US dollars and 855 million US dollars respectively. Phishing attacks caused losses accounte...
据 CertiK Alert 监测,BSC 上 Slurpycoin 遭遇闪电贷攻击,攻击者利用回购机制操纵代币价格,并从三明治套利中获利约 3,000 美元。 这次攻击也是 7 月 2 日 MRP 代币损失约 1 万美元漏洞的罪魁祸首。
On December 10, the CertiK alert system detected an exploit attack on the Rebalancer contract on the Base chain, and the attacker made 133.7 ETH, about $501,000, through the reentry vulnerability. According to the analysis, the root cause of the vulnerability is that the open () function of the contract allows an arbitrary pool.strategy contract address to be passed in. The attacker uses this feature to enter the attack contract and reenter the operation when calling the burn function, thereby o...