- The attackers have stolen $76,000 worth of tokens
- This happens because RUNE tokens utilize a non-standard token contract
The attackers have stolen $76,000 worth of tokens which happens only for a few hours. This indicates that some bad actor gives out or airdrops tokens to many crypto users. However, this might look like free money, however it is a trap. Moreover, the recipients spent the tokens, this will allow the perpetrator to steal the Thorchain (RUNE) tokens they own.
The Block Research’s Eden Au said,
“This is a unique exploit that has rarely been used in recent years. But since the attack is so underhanded, it could be quite effective.”
Attacker Steals $76K in RUNE
Perpetrator has airdropped UniH tokens to at least 76,000 ETH addresses. More so, the main thing to be noted is that the recipients will look at these free tokens and sell them on a decentralized exchange. Notably, the tokens came with a malicious contract. In case, users do not sell their newly received UniH tokens, then the perpetrator could also get any RUNE tokens they have in their wallet.
This happens because RUNE tokens utilize a non-standard token contract, called “tx.origin.” Even more, this specific token contract is not utilized in the ERC-20 token standard, utilized by most ETH-based tokens due to its risks.
UniH tokens carry malicious code which will transfer automatically the user’s RUNE tokens to another wallet if approved. As per, Thorchain’s RUNE token contract code, it is aware that this kind of attack could happen. ‘Beware phishing contracts that could steal tokens by intercepting tx.origin,’ it mentioned when referring to the approval of transactions.
Furthermore, This exploit comes after Thorchain suffered its third exploit in a month on the same day. Moreover, the network for running cross-chain swaps currently lost a total of $13 million due to a variety of bugs. In addition, the supporters maintain that it is still in a kind of beta form albeit with real money and that bugs are expected; this is the reason they refer to the network as a “Chaosnet.”
Recommended for You