On May 29, SlowMist reported that a vulnerability in the ONTR token contract's onlyOwner modifier allowed for access control bypass. When owner == address(0), any address could pass the permission check. Prior to the attack, the owner address had been set to zero. The attacker exploited this vulnerability by calling transferOwnership() to set the ownership to their contract, then called desertJasper() to add hidden balances to the queue, and finally executed glenFlash() to run ashBud(), increasing the balance of that address to 1e30 base units without increasing the totalSupply. Subsequently, the attacker transferred these 'generated' tokens to a standard PancakePair and exchanged them for assets from a legitimate WETH liquidity pool via swap(). The attacker manipulated account balances and minted tokens without cost due to the access control vulnerability in the token contract, stealing WETH from a legitimate automated market maker (AMM) liquidity pool. The attack resulted in a loss of 49.4801 WETH, approximately $98,315.16.
Welcome Back
Click “Sign in” to agree to Cointime’s Terms of Service and acknowledge that Cointime’s Privacy Policy applies to you.
Join CoinTime
Already have an account?
Click “page.Sign up” to agree to Cointime’s <a class="underline" href="#term-of-service">Terms of Service</a> and acknowledge that Cointime’s a class="underline" href="#privacy-policy">Privacy Policy</a> applies to you.
Sign in with email
Sign up with email
Your email
Check your inbox
Click the link we sent to to sign in.
Click the link we sent to to sign up.
SlowMist: ONTR Token Contract Vulnerability Exploited, Attacker Generates $98,000 WETH
-
Wechat scan to share
Recommended for you
-
S&P 500 Index Set for Rare Nine-Week Winning Streak
On May 29, hopes that a ceasefire agreement could bring an end to the Middle East conflict have propelled the U.S. stock market towards a rare weekly winning streak record, with a surge in artificial intelligence trading also boosting the market. The S&P 500 index has rebounded nearly 20% from the lows triggered by the war and is poised for its ninth consecutive week of gains, marking the longest winning streak since December 2023. Such a rare occurrence has only happened a few times since 1985. On Friday, the index edged higher, hovering near record highs. -
Grayscale to Introduce $115 Million HYPE Token Seed Funding for Hyperliquid Staking ETF
On May 29, Finance Feeds reported that Grayscale is in talks with Hyper Holdings Global LP to sell shares of its proposed Hyperliquid ETF in exchange for approximately 2 million HYPE tokens, valued at about $115 million at current prices, to serve as seed capital before the fund's listing. At the same time, Grayscale has renamed the product to 'Grayscale Hyperliquid Staking ETF', which is set to be listed on NASDAQ under the ticker HYPG. The new staking feature distinguishes it from a traditional spot ETF that solely tracks token prices. -
BTC Falls Below $73,000
Market data shows that BTC has fallen below $73,000, currently priced at $72,999.33, with a 24-hour decline of 0.4%. The market is experiencing significant volatility, so please ensure proper risk management. -
Spot Gold Reaches $4,550/oz, Up 1.20% for the Day
Spot gold has reached $4,550 per ounce, rising 1.20% for the day. -
S&P 500 Technology Sector Hits Record High, Up 1.7%
On May 29, it was reported that the S&P 500 technology sector has reached a historic high, currently up 1.7%. -
U.S. Stock Indices Open Slightly Higher; Dell Rises Over 30%
On May 29, U.S. stocks opened with the three major indices slightly higher, with the Dow Jones up 0.18%, the S&P 500 up 0.09%, and the Nasdaq up 0.16%. Dell (DELL.N) surged over 30% as its first-quarter earnings exceeded expectations. Stocks of AI server manufacturers also rose, with Super Micro Computer (SMCI.O) up over 7% and HP (HPQ.N) up over 6%. -
Musk Denies Reports of SpaceX Lowering IPO Valuation Target to At Least $1.8 Trillion
On May 29, Musk denied reports that SpaceX had lowered its IPO valuation target to at least $1.8 trillion. (Jin Shi) -
BTC Surpasses $73,000
Market data shows that BTC has surpassed $73,000, currently priced at $73,002.41, with a 24-hour increase of 0.04%. The market is experiencing significant volatility, so please ensure proper risk management. -
ETH Surpasses $2000
Market data shows that ETH has surpassed $2000, currently priced at $2000.67, with a 24-hour increase of 1.04%. The market is experiencing significant fluctuations, so please ensure proper risk management. -
Federal Reserve's Paulson: Monetary Policy is Moderately Restrictive and at an Appropriate Level
On May 29, Federal Reserve's Paulson stated that inflationary pressures have impacted the economy, and that monetary policy is moderately restrictive and at an appropriate level; current inflation is too high, having been elevated even before the onset of the war.
Daily Must-Read
-
DMDAO: Building a New DeFi Value Structure Around Real Liquidity and Long-Term Deflation
-
Symbiosis of Encryption and AI: Clearing Short term Noise and Anchoring Long term Era Mainlines
-
OGPLUS-NT: The Value Engine of a New Era in Global On-Chain Finance
-
Hyperliquid: Disrupting the paradigm of trading and reshaping the new landscape of DeFi financial infrastructure
-
Ethereum's' Chinese Concept Shareization ': Mid life Dilemma of Faith Decline, Power and Responsibility Loss, and Narrative Gap
-
CARDPIE — A Global USDT Card Aggregation Platform Making Cross-Border Payments Seamless
All Comments