Beosin: The administrator's private key of the wazirx multi-signature wallet was leaked, resulting in the theft of assets
Beosin Alert monitoring and warning system discovered that the Indian exchange WazirX was attacked. The attacker obtained the signature data of the exchange's multi-signature wallet administrator and modified the wallet's logical contract to execute incorrect logic in order to steal assets. Based on the attacker's behavior, it is speculated that the reason for the attack was the leakage of the administrator's private key for the multi-signature wallet. Beosin's analysis of the attack is as follows:1. The attacker deployed an attack contract that extracts the specified token assets of this contract.2. The attacker obtained the signature data of the WazirX multi-signature wallet administrator and modified the wallet's logical contract to the already deployed attack contract.3. The attacker submitted a token withdrawal transaction to the WazirX multi-signature wallet. Due to the mechanism of the proxy mode, the wallet contract will use delegatecall to call the relevant functions of the attack contract, transferring the wallet tokens.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
BlackRock: Bitcoin is ‘Risk Off’, ETH is ‘Risk On’
BlackRock, the world’s largest asset management firm, recently said something about Bitcoin (BTC) and Ethereum (ETH)
Lido V3 Redefines Ethereum Staking with stVaults
Lido has taken Ethereum staking to the next level with the launch of Lido V3
Claim Your Berachain Airdrop Today: Key Details
The Berachain Foundation has announced that its long-awaited RFB and Social airdrops are now live
Ethereum whales accumulate 600K ETH amid price dip
Trending news
MoreCrypto prices
More
