KiloEx's summary of the hacking incident: A bug in the TrustedForwarder contract led to this attack
According to ChainCatcher's message, KiloEx stated in a post that the root cause analysis and summary of the hacking incident revealed that the incident was caused by its smart contract's TrustedForwarder contract inheriting OpenZeppelin's MinimalForwarderUpgradeable but failing to override the execute method, which allowed the function to be called arbitrarily.
The attack occurred between April 14, 18:52 and 19:40 (UTC), with the hacker deploying attack contracts across multiple chains including opBNB, Base, BSC, Taiko, B2, and Manta. After negotiations, the hacker agreed to retain 10% of the bounty and has returned all stolen assets (including USDT, USDC, ETH, BNB, WBTC, and DAI) to the multi-signature wallet designated by KiloEx.
Risk warning
Related tags
ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.
Related tags
Mention the project
