星球日报
星球日报|1月 28, 2026 08:12
[BlockSec Releases Analysis of Major Vulnerabilities in Closed-Source Contracts: SwapNet and Aperture Finance Lose $17 Million Due to Insufficient Input Validation] Odaily Planet Daily News: BlockSec has released an analysis of major vulnerabilities in closed-source contracts, detecting a series of suspicious transactions targeting victim contracts deployed by SwapNet and Aperture Finance on Ethereum, Arbitrum, Base, and BSC, with total losses exceeding $17 million. Fundamentally, the root cause of these two incidents is quite simple: the victim contracts had arbitrary call vulnerabilities due to insufficient input validation, which attackers exploited to abuse existing token authorizations and steal assets via transferFrom. Although the SwapNet and Aperture Finance incidents affected different protocols and blockchains, the core issue in both cases is not complex: user-controlled underlying calls and insufficient input validation in contracts holding token authorizations.
+6
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads