Qubit项目的QBridge遭受攻击主要由于未对其是否是0地址再次进行检查

This article is not available in the current language yet. Showing the original version.
PA一线
PA一线

PANews 1月28日消息,据慢雾情报,Qubit 项目的 QBridge 遭受攻击损失约 8000 万美金。慢雾安全团队进行分析后表示,本次攻击的主要原因在于在充值普通代币与 native 代币分开实现的情况下,在对白名单内的代币进行转账操作时未对其是否是 0 地址再次进行检查,导致本该通过 native 充值函数进行充值的操作却能顺利走通普通代币充值逻辑。慢雾安全团队建议在对充值代币进行白名单检查后仍需对充值的是否为 native 代币进行检查。


Share to:

Author: PA一线

This content is for market information only and is not investment advice.

Follow PANews official accounts, navigate bull and bear markets together
Telegram Discussion Group
Telegram News Channel
@PANews
Recommended Reading
PA一线

PA一线

Three wallets withdrew a total of 16,350 ETH from the CEX in nearly 10 hours, equivalent to approximately $37.18 million.
PA一线

PA一线

"The Fed's mouthpiece": The Fed is inclined to remain silent this week, with recent shocks being a two-way factor.
PA一线

PA一线

BTC breaks through $76,000, up 3.74% on the day.
PA一线

PA一线

The U.S. Securities and Exchange Commission (SEC) proposes allowing publicly traded companies to report their earnings semi-annually, replacing the quarterly mandatory requirement.
PA一线

PA一线

The US SOL spot ETF saw a total net inflow of $2.8213 million in a single day.
PA一线

PA一线

A British man has accused his wife of secretly recording his mnemonic phrases on a security camera and stealing $172 million worth of Bitcoin.

Popular Articles

Industry News
Market Trends
Curated Readings
Subscribe
PANews App
24/7 blockchain news tracking and in-depth analysis.
Download PANews App
App StoreGoogle Play