1. PixelPlaygroundHome
  2. Metaverse Insights

DEXIBLE Contract Attacked by Hackers

Metaverse Insights 109 views

On February 17, according to the Beosin EagleEye security risk monitoring, early warning and blocking platform monitoring of Beosin, a blockchain security audi…

DEXIBLE Contract Attacked by Hackers

On February 17, according to the Beosin EagleEye security risk monitoring, early warning and blocking platform monitoring of Beosin, a blockchain security audit company, the Dexible project contract was attacked by hackers. The Beosin security team found that there is a logical vulnerability in the Dexible contract selfSwap function, which will call the fill function. This function contains a call to the attacker’s customized data. The attacker constructed a transferfrom function in this data, and passed in the address of other users (0x58f5f0684c381fcfc203d77b2bba468ebb29b098) and his attack address (0x684083f312ac50f538cc4b634d85a2feafaab77a), The token authorized by the user to the contract was transferred by the attacker. The stolen funds were 1.54 million yuan. Beosin Trace tracked and found that the attacker had transferred the stolen funds to Tornado Cash. Beosin reminds users: cancel the token authorization of the address 0xde62e1b0edaa55aac5ffbe21984d321706418024 to prevent theft.

The Dexible project was attacked and the stolen funds were about $1.54 million

Interpretation of the news:


On February 17, the Beosin EagleEye security risk monitoring and blocking platform discovered that the DEXIBLE project contract has been attacked by hackers, resulting in stolen funds amounting to 1.54 million yuan. Beosin, a blockchain security audit company, found that the attack was due to a logical vulnerability found in the Dexible contract selfSwap function, which called the fill function containing a call to the attacker’s customized data.

The attacker constructed a transferfrom function using the customized data and passed in the address of other users (0x58f5f0684c381fcfc203d77b2bba468ebb29b098) and their attack address (0x684083f312ac50f538cc4b634d85a2feafaab77a) to transfer the token authorized by the user to the contract. The stolen funds were then transferred to Tornado Cash, which Beosin traced and found.

To prevent further theft, Beosin reminds users to cancel the token authorization of the address 0xde62e1b0edaa55aac5ffbe21984d321706418024.

This news highlights the importance of effective blockchain security systems to prevent hacker attacks and maintain the integrity of financial markets. Such attacks can result in financial losses, making it essential to have reliable audit and monitoring platforms to detect vulnerabilities and prevent unauthorized access.

Furthermore, this incident highlights the importance of user awareness and education about blockchain and token authorization to prevent unauthorized access by hackers. Canceling token authorization can prevent unauthorized access and preserve user funds.

In conclusion, Beosin’s report on the DEXIBLE Contract’s attack by hackers is a reminder of the need for robust blockchain security systems and enhanced user awareness to maintain the integrity and security of blockchain networks. Proper security measures must be implemented to prevent future attacks and protect users from financial losses due to such vulnerabilities.

This article and pictures are from the Internet and do not represent Fpips's position. If you infringe, please contact us to delete:https://www.fpips.com/1233/

It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.

Like (0)
Previous 02/17/2023 08:27
Next 02/17/2023 09:02

Recommended articles