Beosin: Analysis of the Causes of the Terra Chain Incident Vulnerability

Odaily Planet Daily News According to Beosin Alert monitoring and early warning, the Terra chain has been temporarily suspended due to emergency upgrades. It seems that someone has exploited the IBC vulnerability to mint long tokens on Terra, including ASTRO. Beosin's security team analyzed that after the attacker instantiated the contract on Terra, they used the reentry vulnerability of timeout pullback in ibc-hooks, and have transferred approximately 60 million ASTRO, 3.5 million USDC, 500,000 USDT, and 2.7 BTC.
This vulnerability was disclosed in April this year and belongs to the vulnerability in the Cosmos basic library, but Terra did not fix it.
Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments