Harvest Project’s Malicious Attack on User Funds Disclosed by Beosin Security Team
It is reported that on March 19, 2023, Harvest was discovered according to monitoring by the blockchain security audit company Beosin_ Keeper project has maliciously transferred user funds, involving an amount of approximately 933000 US dollars. The Beosin security team discovered through on-chain data that an attacker used owner privileges to transfer the USDT pledged by the user in the HarvestKeeper contract by calling the getAmount function. Subsequently, the attacker utilized the user’s token authorization for the EOA (0x250… c14) account, thereby transferring user funds through the EOA multiple times. It is recommended that the user cancel the authorization for the EOA. Currently, the stolen funds are stored in multiple addresses, most of which are stored in 0x92288f964ae8fce23e8d337422ad66eefc333670.
Security company: Harvest_ Keeper project has maliciously transferred user funds, involving an amount of approximately 933000 US dollars
Analysis based on this information:
The blockchain security audit company Beosin has revealed that Harvest, a DeFi yield farming platform, has been compromised by a malicious attacker, resulting in the loss of approximately 933,000 US dollars of user funds. The incident was discovered on March 19, 2023, through monitoring by the Beosin Keeper project, which aims to provide security services to blockchain projects.
According to Beosin, the attacker used owner privileges to transfer the USDT pledged by the user in the HarvestKeeper contract by calling the getAmount function. This allowed the attacker to gain control of the user’s account and transfer their funds multiple times through the EOA (0x250… c14) account. The stolen funds are currently stored in multiple addresses, with the majority being held at 0x92288f964ae8fce23e8d337422ad66eefc333670.
The Beosin security team has recommended that affected users cancel their authorization for the EOA account to prevent any further unauthorized transfers. It is not known how many users have been impacted by this incident, and Harvest has not yet released an official statement on the matter.
This latest incident highlights the ongoing security challenges facing DeFi projects and the importance of robust security measures to protect user funds. As the DeFi ecosystem continues to grow, it is essential that projects prioritize security and work with reputable security firms to identify and address vulnerabilities.
In conclusion, the malicious attack on Harvest’s user funds by an unknown attacker is a setback for the DeFi ecosystem. It is crucial that projects take proactive measures to ensure the safety of their users’ funds and prevent such incidents from recurring. Beosin’s discovery of the breach underscores the importance of security audits and vigilant monitoring to detect and mitigate risks.
This article and pictures are from the Internet and do not represent qiAiAi's position. If you infringe, please contact us to delete:https://www.qiaiai.com/crypto/6001.html
It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.
Related recommendations
-
Joseph Lubin on the Importance of Cooperation and Innovation in the Cryptocurrency Ecosystem
On March 6, Joseph Lubin, the founder and CEO of ConsenSys, said in an interview at ETH Denver, \”Similar to L1, we have a group of customer teams that compete …
-
Coin On to Upgrade System for Better Performance
It is reported that the option system upgrade notice issued by Coin On will be scheduled at 07:45 Beijing time on March 2. The upgrade will take about 3 hours,…
-
Terraform Labs Sells all 20 Million Lido Tokens
It is reported that according to the data disclosed by the chain analyst @ Lookonchain, the address marked by Nansen as Terraform Labs has sold all 20 million LDOs today at a price of $207, of which 15.3 million LDOs (about $32 million) were sold on DEX at an average price of $2.1, and 4.7 million LDOs (about $9.4 million) were transferred to the cryptocurrency exchange on May 9, when the selling price was $2. Terraform Labs participated in Lido’s $2 million financing transaction in 2020 and obtained 20 million LDO tokens. Terraform Labs has sold all 20 million LDOs Analysis based on this information:According to Lookonchain, a chain analyst, Terraform Labs, a major player in the cryptocurrency scene, has sold all 20 million LDOs at the price of $207. It is reported that Terraform Labs sold 15.3 million LDOs (approximately worth $32 million) on DEX at an average price of $2.1, with the remaining 4.7 million LDOs (worth $9.4…
-
Carbonable: Revolutionizing Carbon Credit Tracking on Ethereum Layer2 System StarkNet
It is reported that Carbonable, a carbon credit tracking agreement launched on the Ethereum Layer2 extension system StarkNet, completed a seed round financing of $1.2 million, with
-
What is Dogecoin called on Huobi?
According to the official announcement from Huobi, Dogecoin is called \”Shiba In
-
Understanding the Recent Trading Activity of Oilysirs.eth on X2Y2
According to reports, according to Spot On Chain monitoring, the smart money address oilysirs. eth exchanged 3.292 million X2Y2 for approximately 80 ETHs (approximately $150000) be
-
The Weirdo Ghost Gang NFT sets new record with $2.72 million in transaction volume
On February 20, according to OpenSea data, the transaction volume of the NFT project The Weirdo Ghost Gang reached 1614 ETH (about US $2.72 million) yesterday,…
-
WinZO Launches $50 Million Game Developer Fund for Web3 Gaming
On March 20th, WinZO, an Indian social gaming and interactive entertainment platform focused on the Web3 field, announced the launch of a $50 million Game Developer Fund. Currently
-
China Accelerates Social Justice in Networked Era
On March 16th, the State Council Information Office issued a white paper titled “Building the Rule of Law in China’s Network in the New Era” on March 16th, which pointed out that China is actively exploring new paths, new fields, and new models for the deep integration of judicial activities and network technology, so as to “accelerate” social justice. “The Construction of China’s Network Rule of Law in the New Era” White Paper: Actively promoting the in-depth application of modern technologies such as blockchain in areas such as litigation services Analysis based on this information:China is stepping up efforts to integrate judicial activities with network technology to accelerate social justice in the new era, according to a white paper recently issued by the State Council Information Office. The paper, titled “Building the Rule of Law in China’s Network in the New Era,” highlights the country’s exploration of new paths, fields, and models to promote the rule of law in cyberspace….
-
Bitfinex Launches Innovative DeFi Protocol Token NOM
According to the official announcement, Bitfinex will launch the innovative DeFi protocol Onomy Protocol token NOM. Bitlinex will open NOM recharge on March 13,