A security breach in the Ekubo contract has led to the loss of 17 WBTC for a user identified as 0x765DEC. According to Yu Xian, founder of SlowMist, the exploit occurred due to a vulnerability in the contract's token approval process. Attackers exploited the unlimited approval granted by the user 158 days ago, allowing them to execute 85 transactions, each transferring 0.2 WBTC from the victim to the attacker's account.
The exploit involved manipulating the contract to authorize a transfer of WBTC from the victim to Ekubo Core, followed by a withdrawal to the attacker's address. Users are advised to install the official alert tool to review and manage token approvals for the affected contracts, including those on Arbitrum.
Ekubo Contract Exploit Results in 17 WBTC Loss for User
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.