SlowMist
SlowMist|Jul 13, 2026 14:07
🚨SlowMist TI Alert🚨 💸 @Lumi_Finance Loss: ~ $264k 🔍 Root Cause: A vulnerability in Lumi smart accounts allowed token approvals to be performed as a side effect during UserOperation validation. Due to improper validation logic, an attacker-controlled paymaster could trigger approval operations during the validation phase and obtain ERC20 allowances from multiple smart accounts without explicit user intent. 📌 Attacker: 0xce1a3bb0b98d0d90c7dd0620ab86c9a771888d88 📌 Victim: Multiple Lumi smart accounts affected by unintended token approvals during UserOp validation 📌 Malicious contract: 0x56362412ae17cac443aafbab4289946ad958e8a1 The attacker abused a flaw in Lumi smart account UserOperation validation logic to obtain token allowances from multiple wallets through validation-time side effects. The attacker then used the malicious sweeping contract to batch drain approved ERC20 tokens, swapped the stolen assets into ETH, and transferred the proceeds to the attacker-controlled address. Powered by #SlowMist.AI Tx: https://arbiscan.io/tx/0x630654fb1c8914405cf81bb02f091b049f19403a152f624f7b8a00c7724c6604 https://arbiscan.io/tx/0x020995ec0b5daafe8fab481e33b1b52fdbd6423578060a1f73fd2a9b9fb0ea90(SlowMist)
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads