Crypto M - Crypto News

🚀 Security Concerns Arise Over Smart Contract Deployment Vulnerability

According to PANews, a recent article by SlowMist highlights a security vulnerability in smart contract deployment that has garnered significant attention. The issue involves an attack method using CREATE and CREATE2 to deploy 'same address, different contract' scenarios. Attackers can initially deploy a secure contract to gain authorization, then self-destruct it and redeploy a malicious contract using the same deployment path. This tactic can lead to the execution of malicious logic through delegatecall, potentially resulting in the hijacking of DAO governance rights.

SlowMist advises developers to record and verify code hashes, exercise caution when using delegatecall, and be aware of the risks associated with contract self-destruction and address reuse. These measures are recommended to mitigate the potential threats posed by this vulnerability.

#Security #SmartContracts #Vulnerability #BlockchainSecurity #AttackMethod #CREATE #CREATE2 #Authorization #MaliciousContract #DAO #GovernanceRights #CodeHashes #Delegatecall #ContractSelfDestruction #AddressReuse #Mitigation

33 views11:15

Crypto M - Crypto News

🚀 Cyvers Detects Suspicious Transactions Involving UXLINK

According to Foresight News, security firm Cyvers has issued a warning after its system detected suspicious transactions involving approximately $11.3 million linked to UXLINK. An Ethereum address executed a delegateCall, removed the administrator role, and invoked the 'addOwnerWithThreshold' function. This resulted in the transfer of 4 million USDT, 500,000 USDC, 3.7 WBTC, and 25 ETH. All USDC and USDT have been moved.

#Cyvers #UXLINK #ForesightNews #suspicioustransactions #delegateCall #addOwnerWithThreshold #USDT #USDC #WBTC #ETH

30 views16:54

About

Blog

Apps

Platform