The Mobius DeFi and real-world asset tokenization platform suffered a smart contract exploit on the BNB Chain on May 11, leading to the theft of $2.15 million in Mobius Tokens (MBU), reported blockchain security firm Cyvers.
“Two minutes prior to the exploit, our system identified a deployment of a malicious smart contract that eventually targeted the Mobius Token smart contracts,” Cyvers stated.
They added that the attacker executed multiple malicious transactions via the contract, targeting the victim’s address.
However, there was no mention of the exploit on the MobiusDAO X feed.
https://twitter.com/CyversAlerts/status/1921489580991119736?ref_src=twsrc%5Etfw” data-wpel-link=”external” target=”_blank
Cyvers added that the hacker quickly deposited the stolen loot into the crypto mixer Tornado Cash to obfuscate the transactions.
Blockchain security firm CertiK also posted an alert stating that the hacker minted 9.7 quadrillion BEP-20 MBU tokens, which they swapped out for stablecoins.
The transaction record also indicated that the hacker deposited just 0.001 wrapped BNB, worth around $0.65, and was able to exploit the smart contract.
As a result, the MBU token value crashed to zero, according to DEXscreener.
Ethereum’s latest Pectra network upgrade has also introduced a dangerous new attack vector that could allow hackers to drain funds from wallets using only an offchain signature, reported security researchers over the weekend.
Mobius is not the only hack victim this weekend. French hardware wallet maker Ledger has been the victim of hacking yet again.
Over the weekend, an attacker compromised a contracted moderator’s account on Ledger’s Discord channel and used it to post scam links.
Users were told about a false “vulnerability” and urged to “verify recovery phrases” via a malicious link. Ledger managed to regain control of its account and remove the malicious links.
Former Binance CEO Changpeng Zhao commented on the latest Ledger attack, stating, “Social network accounts for a crypto company are often the weakest links.”
https://twitter.com/cz_binance/status/1921799301375918252?ref_src=twsrc%5Etfw” data-wpel-link=”external” target=”_blank
Ledger has been embroiled in scams and hacks over the past five years.
In April, scammers sent physical letters to Ledger owners requesting seed phrases in a scam that may be connected to Ledger’s 2020 data breach, which exposed personal information and physical addresses of more than 270,000 customers.
LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE position on any coin!
Key Takeaways After OpenAI said the “OpenAI tokens” don’t represent real equity, Elon Musk replied…
A well-made, durable carry-on is an essential piece of luggage for every traveler, but especially…
Disclaimer: This article is for informational purposes only and does not constitute financial advice. BitPinas…
American Bitcoin, backed by Eric Trump, raises $220 million to expand its Bitcoin mining operations…
OpenAI wants to make clear that Robinhood’s sale of “OpenAI tokens” will not give everyday…
Blackrock’s Bitcoin ETF is now out-earning its flagship S&P 500 fund, marking a pivotal moment…