Foresight News
Foresight News|Jan 14, 2026 12:01
**[BlockSec: FutureSwap Protocol on Arbitrum Attacked Again, Reentrancy Vulnerability Causes $74,000 Loss]** Foresight News reports, according to monitoring by BlockSec Phalcon, the Futureswap contract on Arbitrum has been attacked again, with an estimated loss of approximately $74,000. Although the loss is relatively small, it is noteworthy that this attack exposed a new attack vector: a reentrancy vulnerability. The attacker exploited a two-step process with a three-day cooling period to steal funds from the protocol. The first step was the minting phase, where the attacker leveraged the reentrancy vulnerability during the liquidity provision process. By reentering the `0x5308fcb1` function before the contract updated its internal ledger, the attacker minted a large amount of LP tokens disproportionate to the actual assets deposited. The second step was the withdrawal phase, where the attacker executed the withdrawal after waiting for the mandatory three-day cooling period. They burned the illegally minted LP tokens to redeem the underlying collateral, effectively stealing assets from the protocol and profiting from the exploit.
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads