Data: ONTR token contract access control vulnerability caused a loss of approximately $98,000

According to SlowMist monitoring, the ONTR token contract has an access control vulnerability due to the onlyOwner modifier, resulting in a loss of 49.4801 WETH, worth approximately $98,000. The attacker (0xe806…b760) exploited this vulnerability by calling transferOwnership() to set the attacker contract as the owner when the owner was address(0) through permission checks, then called desertJasper() to add hidden balances to the queue, and subsequently called glenFlash() to execute ashBud(), directly increasing the address balance by 1e30 basic units without increasing the totalSupply. The attacker transferred the inflated tokens to PancakePair (0xd46d…83fd) and exchanged them for WETH through swap().