Crypto NewsAltcoinHacker Attack on Decentralized Stock Exchange! Developers Stated!
AltcoinNews

Hacker Attack on Decentralized Stock Exchange! Developers Stated!

A decentralized exchange has been hacked after receiving a code audit from smart contract inspector Certik.

Author: Utku Yanık
Update:
Follow Bitcoin Sistemi Google News Button
0

A new one has been added to the hacker attacks in recent days. Merlin, a decentralized exchange using zkSync, appears to have been hacked for over $1.82 million just after it received a code audit from smart contract inspector Certik.

Decentralized Exchange Merlin Hacker Attacked

zkSync DEX Merlin reportedly suffered a $1.82 million hacker attack right after the code audit.

Certik tweeted that he was investigating the incident and that his initial findings pointed to a potential issue with private key management, not a code breach.

“Although audits cannot prevent private key issues, we always recommend best practices to projects,” Certik said. "If any bugs are detected, we will work with the relevant authorities and share relevant information. Stay tuned for updates."

Meanwhile, eZKalibur, a zkSync decentralized exchange and launchpad that, like Merlin, forks part of DEX Camelot's contract, claims to have detected the malicious code responsible for draining funds.

When questioning the quality of Certik's audit, he explained, "These two lines of code in the initialization function allow feeTo to transfer an unlimited (type(uint256).max) amount of token0 and token1 from the contract's address".

"In this case, the feeTo address can call the transferFrom function on the respective tokens to transfer the tokens from the contract address to it."

If such a finding is not "critical", it should at least be reported as "significant". eZKalibur said:

"It can't be seen as a stealth and simple decentralization issue. Because without a time lock, it can lead to an instant draining of all the funds invested in the protocol, which is exactly what happens."

Merlin developers have since asked users to revoke their website-linked wallet permissions. They stated that they analyzed the protocol being hacked.

*Not investment advice.

To invest in more than 300 cryptocurrencies, you can register with Binance exchange with 20% COMMISSION DISCOUNT from this link!
Follow our Telegram and Twitter account now for exclusive news, analytics and on-chain data!



Similar Posts

Buradaki Yorumlardan Bildirim Al
Bildir
guest

0 Comments
Latest
The oldest Top Rated
Inline Feedbacks
View all comments

Popular Posts of the Week

Subscribe to Our Newsletter

With an e-mail subscription, you can be instantly informed about the Breaking news in the crypto market.

Crypto News, Analysis and Markets

Bitcoin News

Ethereum News

Crypto Analytics

Bitcoin Price

Live Cryptocurrency Data

Bitcoin Sistemi

Crypto Dictionary

Our Team

About

Privacy

Business Partners

Advertisement

Contact

Follow Us

Mobile Application

Risk Disclosure: Guides, news, articles and analyzes on Bitcoinsistemi.com do not constitute investment advice. Keeping in mind that Bitcoin and cryptocurrencies are high-risk products, you should do your own research for each investment decision. Otherwise, you may come to the point of losing your entire investment. In this context, you should know that you are responsible for the losses that may arise from all your transfers and transactions.
Bitcoinsistemi.com is a news site, does not provide investment advice and does not recommend investing in any projects or digital assets. In this context, the content and content authors on Bitcoinsistemi.com cannot be held responsible for the investment decisions you make.

© Copyright 2023