Beosin Trace: TIME token was attacked, hackers made about $188,000

Beosin EagleEye security risk monitoring, warning and blocking platform under Beosin detected an attack on the TIME token, with hackers profiting about $188,000. Beosin security team analyzed that the hacker exploited a contract vulnerability to destroy the TIME token in the TIME-ETH trading pair, thereby profiting. The reason for this is that the _msgSender() of the TIME token returns not msg.sender, but is selected based on the caller. If the caller is the Forwarder contract, then the specified address of the caller is returned. At the same time, the Forwarder contract has arbitrary external call function, and the attacker calls the TIME contract's burn function through the Forwarder contract, passing in the pair address, and finally destroying the TIME token in the pair.

Comments

All Comments

Recommended for you

ABCDE Capital ·

ABCDE: Why We Invest in aPriori

aPriori is an MEV (Maximal Extractable Value) liquid staking platform on Monad. Its innovative design significantly reduces latency, maximizing compatibility with Monad’s high performance. The team members are from the high-frequency trading field, with experience in top companies like Jump Crypto, Flow Traders, and Coinbase. With the team’s background in top high-frequency trading crypto institutions, aPriori is building the infrastructure that helps Monad realize its potential as a high-throughput network ready for mass adoption.
Cointime精选 ·

APRO Oracle and Lnfi Network Launch Groundbreaking Price Oracle Service on Lightning Network

We are thrilled to announce that APRO Oracle is joining forces with Lnfi Network to introduce the first-ever price oracle service based on the latest mainnet version of Taproot Assets. This collaboration aims to provide weighted prices from major exchanges like Binance directly to the Lightning Network, ensuring a new level of efficiency and reliability in decentralized finance.
LinkLayerAI ·

What will LinkLayerAI will bring to the Web world?

LinkLayerAI aims to explore and implement how to measure the value of each user's behavioral data.
LinkLayerAI ·

Agent is Productivity

The role of AI Agents in the Data Monetization Process
PermaDAO ·

AOS Web: Redefining UX/UI on the Permaweb

AOS Web pioneers UX/UI innovation on the permaweb with user-centric features like process management, command autocompletion, and quest tracking.
Xangle ·

[ADOPTION] Infra - NTT Digital, Circle, Fireblocks

The primary agenda of these three companies is to provide the essential infrastructure for service development within a regulated environment. With regulatory uncertainty pervading the cryptocurrency market and Web3 industry worldwide, the pivotal ro
Xangle ·

[ADOPTION] L1 - Why Global Enterprises Are Betting on Avalanche

Avalanche has established itself as a key blockchain infrastructure option for global enterprises testing Web3 transitions, including JPMorgan, Citi, Shopify, and Alipay. Its Subnets offer customization and regulatory compliance, driving significant
Footprint_Data ·

Footprint Analytics Boosts Core’s Data Efficiency in the Bitcoin Ecosystem

Footprint Analytics Boosts Core’s Data Efficiency in the Bitcoin Ecosystem
Xangle ·

[ADOPTION] L1 - Make your Move with Aptos

Aptos distinguishes itself from other monolithic chains with its sub-second transaction speeds and extensive enterprise adoption across diverse sectors such as finance, gaming, and retail. Aptos’ robust partnerships with industry leaders like Microso
PermaDAO ·

Arweave Weekly Highlights Week 29｜Launch of Temporary Storage Application Arfleet, Release of AOS Web, Over $500 Million stETH Deposited, Astro Releases Whitepaper

Data from Arweave Network Last Week: Arweave mainnet has completed a total of 177,107,057 transactions, with 1.6 TiB storage achieved in the past week.