White Hat Hacker Group Block Sec Thwarted A 2900 Eth Exploit This Morning
Kyle
Mar 17, 20232 min read
Friday morning was anything but boring at the Bored Ape Yacht Club as a hacker attempted to drain ParaSpace’s Ape staking system but was thwarted by known white hat hacker group, Block Sec.
1,455 Bored Apes and Mutant Apes were staked in ParaSpace’s protocol during an attempted hack on the system around 2 A.M. Est on Friday morning.
After an unknown hacker attempted to exploit and Paraspace’s contract three times, Block Sec submitted the same transaction as the would be hacker, but with a higher gas fees, and removed 2900 Eth or $4,973,500 USD from the protocol; thus saving the staking system!
“There is a flawed logic in borrow() of the ParaProxy contract (0x638a) of @ParaSpace_NFT, Block Sec tweeted after it saved the funds. “The attacker can borrow more tokens as his scaled Balance will be enlarged by depositing into the position of the proxy (0xC5c9), i.e., specifying the _recipient of depositApeCoin().pecifically, the scaledBalance is calculated with the following formula: sharesAmount.mul(_getTotalPooledApeBalance()).div(totalShares), while _getTotalPooledApeBalance() could be manipulated. In total, there are 6 key attack steps.”
Following the attempted hack, the Bored Ape Gazette reached out to Block Sec and asked what happens next.
“We first will work with the team to ensure that the vulnerability will be fixed. Then we will return the funds to the project,” they said.
At the time of this article’s publication, Block Sec told the Gazette that they are in contact with Paraspace and are working to fix the issue. “We are working with Paraspace to locate the root cause of the vulnerability,” they said.
The Bored Apem Gazette reached out to Paraspace but did not immediately hear back from the company. At the time of this article’s, the company tweeted that users depostied Apes and NFTs are safe and that their team has paused its entire system out of an abundance of caution as it works with Block Sec.
“We noticed a suspicious transaction, and as a security measure, we have paused the entire ParaSpace protocol,” Paraspace tweeted. “Currently, no transactions (withdrawals, deposits, liquidations) can take place with our contracts. We are currently investigating and will provide you with an update once we have more information. We can confirm that all NFTs supplied to the protocol are safe and have not been liquidated.”
The Bored Ape Gazette will continue to follow this story throughout the day. Stay tuned for updates!
google 优化…
무료카지노 무료카지노;
Fortune Tiger…
Fortune Tiger…
Fortune Tiger…
Fortune Tiger…
gamesimes gamesimes;
站群/ 站群
03topgame 03topgame
betwin betwin;
777 777;
slots slots;
Fortune Tiger…
谷歌seo优化 谷歌SEO优化+外链发布+权重提升;
google 优化 seo技术+jingcheng-seo.com+秒收录;
Fortune Tiger Fortune Tiger;
Fortune Tiger Fortune Tiger;
Fortune Tiger Fortune Tiger;
Fortune Tiger Slots Fortune…
站群/ 站群
gamesimes gamesimes;
03topgame 03topgame
EPS Machine EPS Cutting…
EPS Machine EPS and…
EPP Machine EPP Shape…
Fortune Tiger Fortune Tiger;
EPS Machine EPS and…
betwin betwin;
777 777;
slots slots;
Fortune Tiger Fortune Tiger;
google seo google seo技术+飞机TG+cheng716051;
game game
Fortune Tiger Fortune Tiger;
456bet 456bet
Fortune Tiger Fortune Tiger;
Fortune Tiger Fortune Tiger;
Fortune Tiger Slots Fortune Tiger…
03topgame 03topgame
EPS машины EPS машины;
seo seo;
EPS Machine EPS and EPP…
EPS Machine EPS and EPP…
EPS Machine EPS Cutting Machine;
google 优化…
Fortune Tiger…
Fortune Tiger…
Fortune Tiger…
Fortune Tiger…
gamesimes gamesimes;
站群/ 站群
03topgame 03topgame
betwin betwin;
777 777;
slots slots;
Fortune Tiger…
谷歌seo优化 谷歌SEO优化+外链发布+权重提升;
google seo google seo技术+飞机TG+cheng716051;
game game
game game
Fortune Tiger Fortune Tiger;
game game
Fortune Tiger Fortune Tiger;
Fortune Tiger Fortune Tiger;
Fortune Tiger Slots Fortune Tiger…
03topgame 03topgame
EPS машины EPS машины;
EPS Machine EPS Cutting Machine;
EPS Machine EPS and EPP…
EPS Machine EPS and EPP…
EPS Machine EPS Cutting Machine;