On April 21, KiloEx released the root cause analysis and post-event summary of the hacking incident. The cause of the incident was that the TrustedForwarder contract in its smart contract inherited the OpenZeppelin MinimalForwarderUpgradeable but did not override the execute method, resulting in the function being arbitrarily called.
The attack took place between 18:52 and 19:40 (UTC) on April 14. The hackers carried out the attack by deploying attack contracts on multiple chains such as opBNB, Base, BSC, Taiko, B2 and Manta. After negotiation, the hackers agreed to keep the 10% bounty and have returned all stolen assets (including USDT, USDC, ETH, BNB, WBTC and DAI) to a multi-signature wallet designated by KiloEx.
KiloEx Releases Hack Summary: Vulnerability in TrustedForwarder Contract in Smart Contracts
2025-04-21 11:08:01
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
KiloEx 发布黑客事件总结:智能合约中的TrustedForwarder 合约存在漏洞Next article:
BTC跌破87000美元