Securat AI
@SecuratAI
Followers
8
Following
0
Media
4
Statuses
9
Next-generation adaptive security monitoring for Web3
Hong Kong
Joined February 2023
(🧵3/3) Incident Analysis: Attacker Contract Address: 0xa1fAe685c8abF938EB706DedABbcfFbFf3b3D7Da Victim Contract Address: 0xEb11a0a0beF1AC028B8C2d4CD64138DD5938cA7A Attack transaction: 0x48e52a12cb297354a2a1c54cbc897cf3772328e7e71f51c9889bb8c5e533a934
1
0
2
(🧵2/3) This absence of proper access control was getting detected in our automated smart contract auditing system.
1
0
1
(🧵1/3) On March 23th, 2023, Safemoon finance DeFi protocol in BNB chain was attacked to exploit an access control vulnerability in the Safemoon smart contract, and the attacker has brained nearly $8.9 million in its liquidity pool.
1
0
3
(4/4) Attack transaction: 0x39718b03ae346dfe0210b1057cf9f0c378d9ab943512264f06249ae14030c5d5 Contract Code : https://t.co/zmZ6maJIpd
0
0
2
(🧵3/4) Incident Analysis: Attacker Contract Address: 0x190Cd736F5825ff0Ae0141B5C9cb7Fcd042cef2a Victim Contract Address: 0x058baE36467a9fc5e1045dBDfFc2fd65B91C2203 Vesting Contract Address: 0x8BfAA473a899439d8E07BF86a8C6cE5De42fE54B
1
0
2
(🧵2/4) To serve as a warning to future projects and create a security line of defense for the blockchain sector, Securat conducted a technical investigation of this incident and described the security measures.
1
0
2
(🧵1/4) On March 15th, 2023, @Poolz__ Poolz Finance Contract was attacked to exploit a typical integer overflow vulnerability in the LockedControl smart contract of Poolz Finance, and the attacker has brained nearly $390,000.
1
3
4