Detail Analysis
Date:
Status:
Count:
Contributor:
July 24, 2021
Verified
4
zerofriction.io
Loss Amount:
76,000
Recovered Amount:
-
Currency:
Dollars, RUNE
KYC By:
Audit By:
None
None
Website:
Twitter:
No data
Discord:
No data
Telegram:
No data
Medium:
No data
Github:
No data
Key Indicators
Platform:
Type:
Category:
Method:
Thorchain
Protocol
Dexes
Contract Vulnerabilities
Extended Method:
contract backdoor
Data Sources:
THORChain (RUNE), a decentralized cross-chain transaction protocol, claims that hackers airdrop UniH tokens to Ethereum addresses as bait to steal RUNE tokens in users' wallets. Hackers have airdropped UniH tokens with malicious contracts to at least 76,000 Ethereum addresses. Once receiving users sell their newly received UniH tokens (or even just approve the sale) on decentralized trading platforms such as Uniswap, the hackers will They can steal any RUNE tokens they have in their wallets. This is because the RUNE token uses a non-standard token contract called "tx.origin". According to Thorchain’s RUNE token contract code “Beware of phishing contracts that may steal tokens by intercepting tx.origin”, it knows that this type of attack may occur. In just a few hours, hackers have stolen USD 76,000 worth of tokens. currency.
DISCLAIMER: While Zero Friction LLC has used the best efforts in aggregating and maintaining this database, Zero Friction LLC makes no representations or warranties with respect to the accuracy or completeness, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.
Under no circumstances, shall Zero Friction LLC be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the dataset or information derived from our database.