SlowMist
SlowMist|5月 28, 2026 06:41
🚨SlowMist TI Alert🚨 💸 Loss: 62.5 BNB & 1,195,918.92 JOE 🔍 Root Cause: Single-function reentrancy in `_removeLiquidityViaContract` – BNB sent via low-level `call` before updating `lpInfo[user].lpAmount`, allowing recursive calls. 📌 Attacker EOA: 0xaa761779945dcc5f26064fc6dcb36ffab6ac7610 📌 Attacker Contract: 0x31f81fcd91025728f24bd6f0e4efb156e345a4cf 📌 Vulnerable Proxy: 0xef0f12d08d66e76e1866e60f30a0daa578e00c04 📌 Vulnerable Implementation: 0xb12ce0a21f67a9fc3c8ad1c7dbc4b017b7e67319 Attackers exploited the delayed state write to repeatedly withdraw liquidity, netting 62.5 BNB and ~1.196M JOE via 25 reentrancy loops. Powered by #SlowMist.AI(SlowMist)
+4
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads