y2z Ventures Partner: A phishing attack incident on BSC involving forged authorization to deceive users into paying gas fees

2023-07-09 10:31:50

Collection

ChainCatcher message, y2z Ventures partner blanker.eth stated on social media that there has been a case of forged authorization on the BSC chain, which then used a security incident to lure users into revoking authorization, resulting in a large gas consumption attack.

The attack method is as follows: the attacker deploys a fake ERC-20 contract and then manually forges authorization for a large number of on-chain addresses. When users see security tools prompting them to revoke authorization, they click to revoke and send the transaction, which will mint CHI Tokens into the attacker's wallet, resulting in a loss of approximately $60 worth of BNB.

blanker.eth pointed out that BSC can eliminate this type of attack by integrating EIP-3298. (source link)

(Source Link)

Related tags

y2z Ventures attack incident

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.

2025-05-12 13:50

Binance responds to the "SMS phishing attack" incident: not a new hacking technique, will launch new features to help users identify authenticity

2025-02-26 17:17

Slow Fog Cosine: Has fully followed up on the Infini attack incident, the attacker is quite technically knowledgeable

2025-02-24 12:21

The decentralized protocol Swarm Network has completed a $3 million seed round financing, led by y2z Ventures and Zerostage

2025-01-24 08:06

Related tags

y2z Ventures attack incident

Mention the project