TIME Token Exploited, $188k Lost In The Exploit

According to CertiK, the TIME token was exploited recently, resulting in a loss of approximately $188k. 

The attack began with the exploiter converting 5 ETH to Wrapped Ether (WETH), and then trading this for over 3.4 billion TIME tokens.

CertiK analysts reported that the exploit’s root cause was the manipulation of the Forwarder contract, which is designed to execute transactions from any address. 

The attacker crafted a request with a falsified sender address, which they controlled, and a matching signature. This deceptive request passed the Forwarder contract’s verification process.

The attacker leveraged a parsing error, where the TIME contract was deceived into recognizing an attacker-controlled address as legitimate. 

As a result, the TIME contract erroneously burned a massive amount of tokens from the target pool controlled by the attacker, rather than the intended address.

See Also: MyDoge Twitter Account Hacked, Mobile App and Wallets Secure

The attacker burned over 62 billion TIME tokens, leading to a drastic reduction in the token pool. The tokens were then exchanged for a substantial amount of WETH, eventually converting these back to ETH, including a portion used for a bribe in the process.

This incident highlights the underlying vulnerabilities in smart contracts, where even a minor error can lead to substantial financial losses.

Disclaimer: The information provided is not trading advice. holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *