The attackers used the properly executed synthetic materials, which is a central financing protocol on the Ethereum Blockchain group, which leads to a total closed protocol loss (TVL).
The protocol known as Sir.trading is known for about $ 355,000 in the March 30 attack, with the confirmation of Deflalama data that has since been confirmed to scratch.
Sir.trading has put itself “a new Defi Protocol for the Safety Lane”, with the aim of reducing risks such as volatility and filtering.
How was Sir.trading?
Editing Blockchain Security Company The name The accident is a “smart attack” that took advantage of a vulnerability in the protocol cellar contract.
This problem has been linked to the function of the UISWAPV3SWAPCALBACK, which enhances ETHEREUM transient storage, which is a new feature presented in Dencun’s upgrade for the past year.
According to the company, the attacker was able to replace the title of the UnisWAP gathering in this call -reaction function with their own, allowing them to redirect VAULT funds.
Vauult’s logic has not correctly achieved the authenticity of the communication response source, and the use of transient storage allows the attacker to process temporary data in the middle of sweat.
By recalling the weak function frequently, they managed to drain all assets from cellar.
In a separate post -cases comment, Blockchain SuPLABSYI researcher from excellence High The attack may have revealed a wider problem with the transit ethereum storage itself.
He explained that the transit storage is re -setting it only after the transaction ends, which allows the attacker to write above the critical safety data before the job finishes the implementation, adding:
What is noticeable is that the transient storage, which was presented via EIP-1153 in DENCUN Solid Force, is still an emerging feature.
This may be one of the first realistic attacks that take advantage of weaknesses and may indicate more changes in the attack directions.
In this case, the attacker was able to move the vanity title to make the fake pool look legitimate and used a contract dedicated to completing the exploitation.
Tenarmor, another Blockchain research company and one of the first signs of the accident on X, added that stolen money was quickly transferred to the address funded by Ethereum Platformal Railgun platform.
The founder of the project, known as XARERER, has continued to Railgun for help.
In a previous message to society, Xaatarr described the exploitation as “the worst news that a protocol could receive”, but he said they were open to rebuilding and called for comments on the following steps.
Defi’s exploits are still a fixed threat
With Defi continues to innovate, as well as the attackers tactics, now join a list of protocols used in recent weeks.
On March 19, Fourmeme, the BNB series, has stopped its symbolic launch feature after the critical weakness in one of the attacker’s protocol function to address the smart contract.
Before this attack, Fourmee was subjected to another attack on February 11, which also caused the temporary comment of the symbolic liquidity group on Pancakeswap.
During the same month, the ZKLEND is drained for more than $ 9 million after developers described as the exploitation of the empty market.
According to a report issued by Web3 Security Peckshield, in 2024, Defi protocols were the most targeted.
Investors Crypto 3.01 billion dollars lost, which led to an increase of approximately 15 % from the previous year.
The publication here is how the Defi Sir.trading protocol fully lost 355 thousand dollars TVL to take advantage of the back on Invezz
