- The address of a hacker received more than 100 million XEN Tokens.
- The entire gas expense for these transactions is covered by the FTX hot wallet address.
- The gold withdrawal was an event that seemed strange.
A hacker’s address gained more than 100 million XEN Tokens. It used DoDo, Uniswap, and Decentralized Trading Platforms to convert some XEN into 61 ETH and transfer to FTX and Binance, according to an article published on October 13 by Opang & X-explore.
The FTX withdrawal hot wallet address has a lot of strange small-amount transfers. Analyzing the transaction information further reveals that each transaction attacking the contract spawns 1 to 3 sub-contracts.
This would initially carry out Mint or Claim of XEN Token operations. These contracts will eventually self-destruct. The FTX hot wallet address covers all of the gas costs for these transactions.
The vulnerability research reveals that FTX places no limitations on the receiver address, which serves as the contract address. The ETH Native Token’s Transfer GAS Limit is also unrestricted, but the processing charge is calculated using the Gas estimation method.
Most GAS LIMITS produced by this method are 500,000, which is 24 times greater than the normal amount of 21,000. The same gold withdrawal address has been used for numerous tiny transfers. The gold withdrawal was an event that seemed strange.
The theft of GAS is still ongoing. Withdrawals from FTX are fee-free, which offers attackers enormous ease at no cost to steal.
Sam Bankman-Fried, co-founder and CEO of FTX Derivatives Exchange, has underlined in his characteristically forthright manner that his company will welcome any laws put forth by legislators to direct developments in the bitcoin ecosystem.
Recommended News :
Crypto News Land (cryptonewsland.com) , also abbreviated as “CNL”, is an independent media entity — we are not affiliated with any company in the blockchain and cryptocurrency industry. We aim to provide fresh and relevant content that will help build up the crypto space since we believe in its potential to impact the world for the better. All of our news sources are credible and accurate as we know it, although we do not make any warranty as to the validity of their statements as well as their motive behind it. While we make sure to double-check the veracity of information from our sources, we do not make any assurances as to the timeliness and completeness of any information in our website as provided by our sources. Moreover, we disclaim any information on our website as investment or financial advice. We encourage all visitors to do your own research and consult with an expert in the relevant subject before making any investment or trading decision.