Stablecoin protocol Seneca hit by $6 million exploit due to smart contract flaw
Quick Take Stablecoin protocol Seneca suffered an exploit, resulting in a loss of more than $6 million. The exploit was traced back to a flaw in the protocol’s smart contract approval mechanisms.
Stablecoin protocol Seneca suffered an exploit, leading to a loss of more than $6 million on Ethereum and Arbitrum networks.
The exploit was pinpointed to an issue within the protocol’s smart contract approval mechanisms — which was exploited by attackers to divert funds.
Security analysts from Blocksec identified the root cause of the breach as an “arbitrary call issue” within Seneca’s smart contracts.
The project’s contracts didn’t have code that could let the team pause it — instead, users had to revoke permissions. The stolen assets are reported to be more than 1,900 ETH ($6 million).
This vulnerability allowed the attacker to make unauthorized transfers of tokens from the project’s contract to an external address controlled by the attacker. “The root cause was an arbitrary call issue, hence approvals to the vulnerable contract can be transferred out,” Blocksec CTO Lei Wu told The Block.
The Seneca team acknowledged the incident and urged users to revoke previously granted permissions in an effort to prevent further unauthorized transactions.
Seneca is a decentralized finance project that allows users to mint and borrow its stablecoin, senUSD, against other crypto assets — a stablecoin mechanism also called a collateralized debt position.
The Seneca token went down by more than 60% following the exploit — dropping from around $0.1 to under $0.04.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Days Gone director speaks up after Sony cancels Bend Studio game
Share link:In this post: Days Gone director empathizes with Bend Studio developers. The director still wishes good for the studio despite quitting in 2020. His comments came after the cancellation of Bend Studio’s live-service project.
Ethereum Foundation prepares to join DeFi with 50,000 ETH
Share link:In this post: The Ethereum Foundation aims to find alternatives to selling ETH to cover expenses, looking into Aave lending. The Foundation received community feedback for being too conservative, instead seeking ways to secure passive income through staking or DeFi. The Ethereum Foundation has not funded new projects since 2023, after setting up grants for 17 crypto startups.
Ethereum Faces a Critical Test: Can Rollblock and XRP Lead the Next Rally?