ETHW confirms contract vulnerability exploit, dismisses replay attack claims
The proof-of-work fork of the Ethereum blockchain was targeted by a cross-chain contract exploit. Post-Ethereum Merge proof-of-work (PoW) chain ETHW has moved to quell claims that it had suffered an on-chain replay attack over the weekend.Smart contract auditing firm BlockSec flagged what it described as a replay attack that took place on Sept. 16, in which attackers harvested ETHW tokens by replaying the call data of Ethereum’s proof-of-stake (PoS) chain on the forked Ethereum PoW chain.According to BlockSec, the root cause of the exploit was due to the fact that the Omni cross-chain....
Related News
An investigation of MEVbots’ contract revealed a backdoor that allows the creators to drain Ether from its users' wallets. MEV gain, an Ethereum (ETH) arbitrage trading bot built by MEVbots, which claims to provide stress-free passive income, has been actively draining its users’ funds via a fund-stealing backdoor. Arbitrage bots are programs that automate trading for profits based on historical market information. An investigation of MEVbots’ contract revealed a backdoor that allows the creators to drain Ether from its users' wallets. Our analysis confirms what the @mevbots promotes for....
Last week, a bitcointalk hero-level community member by the name of "BitcoinEXpress" announced that he found an Achille's Heel-like vulnerability in CryptoNote, a highly-sophisticated and secure cryptography technology. BitcoinEXpress said that someone could attack Monero, a cryptocurrency that uses CryptoNote, because of this vulnerability. In a post, BitcoinEXpress said the following about a vulnerability: "I have no interest in buying any exploit or any interest in attacking Monero. I am neither for or against, the coin. I do however see a serious flaw inherent to all CN coins with....
Albeit Bitcoin and Ethereum wallets have only recently started appearing on the iOS App Store; cryptocurrency users will need to be extra vigilant. A new hack allows attackers to switch legitimate applications with malicious versions. This also means we may very well see fake bitcoin and Ethereum wallet releases in the future. It has to be said, however, this attack requires the assailant to have physical access to the device in question. To a lot of people, this may apparently mitigate the attack vector, but do not be fooled into thinking the threat is over all of a sudden. The....
A hacker apparently so thrilled by a successful theft left behind over $1 million in a smart contract that was set to destruct, permanently ensuring the crypto could never be moved. In a rare comedic bungle among DeFi exploits, an attacker has fumbled their heist at the finish line leaving behind over $1 million in stolen crypto.Just after 8AM UTC on Thursday April 21st, blockchain security and analytics firm BlockSec shared it had detected an attack on a little known DeFi lending protocol called Zeed, which styles itself a “decentralized financial integrated ecosystem”.The attacker....
Another token bridge suffered a malicious attack where tokens were minted by a hacker through a smart contract exploit, eventually leading to a cascade effect across other DeFi networks. The Meter Passport token bridge platform has incurred $4.4 million in losses due to a smart contract hack which also caused Hundred Finance to lose $3.3 million through under-collateralized loans.Meter.io’s Meter Passport (MTRG) is a token bridge that is compatible with Ethereum and its sidechains. This attack affected the Moonriver side of the bridge.Moonriver is a smart contract platform based on....