Rewards Hub GANA PayFi suffered a significant security breach resulting in the loss of $3.1 million USDT. The incident was triggered by the leakage of the owner private key of the GANA Payment Stake contract. Attackers exploited this vulnerability using advanced techniques, including the 7702 delegate exploit, which bypassed the onlyEOA check for unstaking.
The attackers manipulated rates and fees, allowing them to stake a few hundred USDT and subsequently unstake hundreds of thousands. This exploit was executed in eight separate operations, each time changing the owner address to continue the attack. The malicious operations were linked to specific addresses, with the attacker ultimately profiting through address 0x2e8a8670b734e260cedbc6d5a05532264aae5c38. The exploit involved a malicious contract at 0x7A44bD9C6095Ca7b2A6f62FE65b81924c6cAb067.
GANA PayFi Loses $3.1M USDT Due to Private Key Leak
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.