BlockSec Phalcon has reported a suspected attack on Ethereum contracts, resulting in a loss of approximately $120,000. The alert, issued on October 15, 2025, highlights suspicious transactions targeting two unknown contracts deployed at the same address. The transactions were initiated by different externally owned accounts (EOAs).
The attack exploited vulnerabilities in the approveERC20 and withdrawAll functions of the non-open-source contracts, which lacked proper access controls. The attacker utilized a flash loan to acquire #sil tokens, performed multiple token swaps, and executed the exploit by draining the tokens through the withdrawAll function, which required burning the #sil tokens.
BlockSec Identifies $120,000 Loss in Ethereum Contract Exploit
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.