The background is that the network launched by Tie Shun, the founder of, started the main network on January. At present, there are about projects that are attacked on the main network and pledged. The winning high-quality projects are held in competitions. In order to encourage users to participate in ecological projects, the official will select high-quality projects to recommend and encourage users to pledge the second time to the network, so they can get faster points increase and gold points. Therefore, a considerable number of users pledge the pledge on the main network to the new creation. The maturity and security of these projects need to be examined whether these contracts have enough security considerations to keep users' tens of millions or even hundreds of millions of dollars. Overview of the incident, there was an attack on the main online line less than a month ago. There was a transfer logic error in the contract, which led the attacker to increase the balance of the designated account out of thin air. Eventually, the project lost more than about 10 thousand dollars, and a bigger attack occurred less than a week after the attack. The attacker swept away a total of about 10,000 dollars. Half an hour after the attack, another address in the project contract was stolen by hackers. At this time, there are still hackers at the contract address of the project party, and the hackers have the right to take all the funds of the whole project. The total amount of about 10,000 dollars is exposed to risks. The well-known detectives on the chain pointed out that the root cause of this attack was due to the hiring of hackers from a certain country. Let us. In-depth look at how a hacker in a country completed an attack of nearly 100 million dollars to restore the voice of the victim on the spot. Minutes after the attack, the official issued a document saying that he was attacked. According to the investigation of the chain detective, one of their developers was the founder of a hacker in a country, and the development team mentioned in the above also hired an attacker for a short time to develop some games. His skills were very rough and he really felt like a hacker in a country. We fired him within one month and he tried to let us hire him. With one of his friends, that person is probably also a hacker. Because of this attack, the users in the community have suffered huge losses. We immediately launched an on-line investigation. Let's take a closer look at the details of the attack of hackers in this country. The attack involved in the first scene occurred at every minute of the year, month and day. We can see that the damaged contract was an agency contract, and the funds pledged by the users were deposited. We can see that the attacker called the functions of the pledge contract and passed all the authority checks to transfer the contract. It seems that the attacker called a function with similar behavior and took away most of the damaged contracts. Did the project party forget to lock the vault? There are two related checks in the damaged contracts. Let's look at them one by one. First of all, we found that the contract method was called in the process of checking the permissions to see if the current hacker address has been registered. The answer is that it has passed the verification. Here, the contract and its corresponding latest logical contract are involved. The logical contract corresponding to the contract was upgraded the day before the attack. The logical contract was upgraded and the transaction logical contract was updated to the original logical contract address, which can be seen here. At this time, we suspect that the hacker is updating the logical implementation of the agency contract, and the contract will bypass the verification authority to become malicious. Is this really the case? You only need to master the technology to get the answer yourself. We compare the original contract with the updated one. In some obviously different function parts, the following function parts are realized as follows. It can be seen that the attacker set the attacker's address to at the same time in the initial logical contract, and two other attacker's addresses were also taken, and their use will be explained later when they were set to the block time at initialization. In fact, contrary to what we guessed, the real logical contract with the back door actually existed at first, but the later update was normal, and so on. Before the attack, that is, before this event, the logical contract has become a contract without a back door. Why can the attacker finish the attack later? This is because the actual state storage is updated in the contract, which leads to the fact that even if the logical contract is updated to a logical contract without a back door, it will not be restored. Let's verify that the corresponding value in the contract is numerical, which enables the attacker to verify the attacker through the method. After that, the back door contract will be replaced by a normal contract to hide people's eyes and ears. In fact, at this time, the back door has already been planted. In addition, the second check is involved in the existing process. This part is to ensure that the locked assets will not be transferred before the expiration. Attackers need to ensure that the block time when called is longer than the required lock expiration time. This part of the check involves the damaged contract and the corresponding logical contract. We can see the damaged contract in the transaction days before the attack occurred. The original logical contract of the contract was upgraded only four minutes later. In order to compare the two contracts, we can find that the attacker also tampered with the function part of the function as before. It can be seen that it is obvious that the same method was used to tamper with the number of unlocking times held by himself, and then it was replaced by the normal contract. When the project party and security researchers were there, the logical contracts were all normal and made by. Since the contracts are all open source contracts, it is even more difficult to see the core of the problem. So far, we know how the attacker did this transaction, but is there only so much information behind this incident? In our analysis above, we actually saw that the hacker built an address inside the contract, and in the attack transaction we found above, we only saw what the other two addresses did and what secrets were hidden inside. Let's look at the second scene first. Look, the attacker's address was stolen in the same way, and the source address of the attack provided both the attacker's address and the attacker's address with a handling fee, while the source of the funds for attacking the source address came from the cross-chain bridge. After receiving the handling fee, the attacker's address did not carry out any attack, but it actually shouldered a hidden plan. We continued to look at it. In fact, according to the official post-rescue transaction, there were more than one damaged contract address, and there were still rescue transactions until the end of the attack. Originally, the attacker intended to steal these assets. You can see the attacker's address 比特币今日价格行情网_okx交易所app_永续合约_比特币怎么买卖交易_虚拟币交易所平台

注册有任何问题请添加 微信：MVIP619 拉你进入群

文章转载注明 网址：https://netpsp.com/?id=55632