Ekubo DEX Warns of Security Flaw in EVM Transaction Routing Contract

Ekubo, a DEX protocol in the Starknet ecosystem, has issued a security alert over a vulnerability found in its transaction routing contract on the EVM chain, according to BlockBeats on May 6. The team said liquidity providers and users on Starknet are not affected, and the full scope of the incident is still being assessed. Users are urged to revoke approvals granted to the impacted contract immediately. SlowMist founder Yu Xian said the attacker abused the payCallback mechanism to set previously authorized users' wallets—specifically those that had granted unlimited token approvals—as payers, then called WBTC’s transferFrom to move funds from victims. The exploit was executed 85 times, transferring 0.2 WBTC per transaction. One address, 0x765DEC, reportedly suffered total losses of 17 WBTC.
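The revocation step urged above can be checked from ERC-20 `Approval` logs. The following is an added example, not code from Ekubo, SlowMist or the original report: it finds wallets whose last approval to an affected spender is still non-zero, flags the unlimited ones, and encodes the standard `approve(spender, 0)` call that revokes it. The spender address is a placeholder, the events are constructed, and all function names are hypothetical.

```python
MAX_UINT256 = 2**256 - 1
APPROVE_SELECTOR = "095ea7b3"  # first 4 bytes of keccak256("approve(address,uint256)")
# Placeholder, NOT the real contract: take the address from Ekubo's own alert.
AFFECTED_SPENDER = "0x" + "aa" * 20

def outstanding_approvals(events, spender):
    """Return {(token, owner): value} for the latest non-zero approval to spender.
    Approval logs record the last value set, not the live allowance, so the
    result is an upper bound; an on-chain allowance() read is authoritative."""
    latest = {}
    for ev in sorted(events, key=lambda e: (e["block"], e["log_index"])):
        if ev["spender"].lower() == spender.lower():
            latest[(ev["token"].lower(), ev["owner"].lower())] = ev["value"]
    return {k: v for k, v in latest.items() if v > 0}

def revoke_calldata(spender):
    """ABI-encode approve(spender, 0): selector plus two 32-byte words."""
    addr = spender.lower()
    addr = addr[2:] if addr.startswith("0x") else addr
    if len(addr) != 40 or any(c not in "0123456789abcdef" for c in addr):
        raise ValueError("spender must be a 20-byte hex address")
    return "0x" + APPROVE_SELECTOR + addr.rjust(64, "0") + "0" * 64

def report(events, spender):
    """One row per exposed (token, owner), with the transaction that revokes it."""
    rows = []
    for (token, owner), value in sorted(outstanding_approvals(events, spender).items()):
        rows.append({"token": token, "owner": owner,
                     "unlimited": value == MAX_UINT256,
                     "revoke_tx": {"to": token, "data": revoke_calldata(spender)}})
    return rows

# Constructed sample data: every address below is made up for illustration.
TOKEN, OTHER = "0x" + "11" * 20, "0x" + "bb" * 20
ALICE, BOB, CAROL = ("0x" + c * 20 for c in ("a1", "b0", "c4"))

def _ev(owner, spender, value, block):
    return {"token": TOKEN, "owner": owner, "spender": spender,
            "value": value, "block": block, "log_index": 0}

SAMPLE_EVENTS = [
    _ev(BOB, AFFECTED_SPENDER, 0, 150),             # Bob revoked later
    _ev(ALICE, AFFECTED_SPENDER, MAX_UINT256, 100), # unlimited, still open
    _ev(BOB, AFFECTED_SPENDER, MAX_UINT256, 101),
    _ev(CAROL, AFFECTED_SPENDER, 5_000, 120),       # finite, still open
    _ev(ALICE, OTHER, MAX_UINT256, 130),            # different spender, ignored
]

if __name__ == "__main__":
    for row in report(SAMPLE_EVENTS, AFFECTED_SPENDER):
        print(row)
```

Each `revoke_tx` has to be signed and sent by the owning wallet to the token contract; the script only prepares the calldata.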