According to SlowMist founder Cosine Monitor, Starknet's on-chain lending protocol zkLend was hacked on February 12, losing more than $9.50 million. The reason for the attack is that the safeMath library used in its market contract uses direct division when performing division calculations, resulting in a rounding vulnerability in the number of zTokens that actually need to be destroyed when calculating withdrawals. The attacker is taking advantage of this vulnerability to profit. The on-chain d...
SlowMist founder Cosine tweeted, "BitmapPunks, which is driving up Ethereum Gas fees, is indeed a fully-onchain, ultra-large, hybrid collection. However, the contract is not open-source verified, and it is not carefully checked whether there is any risk."
SlowMist founder Cosine tweeted that the EVM (ETH/BSC/BASE) address of DEXX hackers continued to change, and many funds (including some Meme) continued to collect to the address starting with 0xffb9 from around 7:00 in the morning. On-chain data shows that the address currently holds about 440,000 US dollars in assets.
The founder of Slow Mist, Cosine Yu X, wrote that in the early morning of this morning, various value tokens on the Solana address related to the DEXX attacker were exchanged for SOL. At present, these SOL have not been transferred out. In addition, the attacker's EVM (ETH/BSC/BASE) addresses have begun to experience abnormal tests, and there has been no large-scale abnormal.
Slow Mist founder Cosine X issued a statement saying that the attacker used the XSS vulnerability of the Cointelegraph website to trick the target user to open the Cointelegraph official website (with XSS malicious script), so: - malicious script loading execution; - The address bar is set to https://cointelegraph [.] com/not-public/drafts/article-1033 at first glance, I thought it was an official unpublished draft; - Sign in with X box; - After clicking Sign in with X, open X's third-party app ...
The founder of Slow Mist, Cosine Yu X, wrote that at around 4 a.m. this morning, various value tokens on the Solana address related to the DEXX attacker were exchanged for SOL. At present, these SOL have not been transferred out. In addition, the attacker's EVM address has not been changed for the time being.
The founder of Slow Mist, Cosine, wrote that the Sui ecological project OceansGallerie (@OceansGallerie) is indeed quite strange. The token pool is too controlled, the total amount of tokens 10 billion OCEANS, Holders is too concentrated, and the tokens have fallen dozens of times in less than a week of issuance. Now the pool is less than 20,000 dollars. The address of abnormal operations is strongly related to the address of OCEANS token issuance. According to X user @tongyiju, Cetus Protocol t...
"Pay attention to the DEXX trading tool, many users have been stolen, and there are only a few stolen users who have requested us from various channels in the morning, and the losses are large or small. The theft time is concentrated, and the loss is estimated to be not small. Some users found out in time that they had withdrawn part of their funds. The stolen crowd is related to using DEXX as a washing dog/speculation MEME. The private key belongs to DEXX centralized hosting, which must have be...
SlowMist founder Cosine said that the private key of DAI L2 Deployer was leaked, resulting in some recently deployed L2 DAI contract addresses being "honeypot" addresses controlled by attackers. The address has no associated risk on Optimism and Arbitrum, but the Base and Polygon network contracts are not secure. The mainnet DAI contract is secure.