Ethervista, an Ethereum alternative to Solana’s Pump.fun platform, has reportedly been “unconsciously hacked” hundreds of times over the past couple of days by a bot unaware of its actions.
That’s according to PhD student and blockchain security specialist Chaofan Shou, who claimed yesterday that his bot exploited Ethervista by unknowingly following the instructions of another attacker.
Shou told Protos it was a “general backrun bot” that copies other transactions and applies them in the next few blocks. He said that an initial attacker manually hacked Ethervista by exploiting an “integer overflow in the router contract to steal all the fee in it.”
Because of this, Shou’s bot copied the transaction and performed the hacker’s malicious transaction over and over again. He said the bot was not designed for Ethervista and that, “both the bot and us did not know we are hacking Ethervista.”
According to Shou, the initial attacker was able to make 10 ETH ($23,766) while eight other bots collectively made ~20 ETH (~$47,500). He says his bot made ~8 ETH (~$19,000) and that the funds remain in his account.
Before revealing the exploit, Shou stressed that the liquidity pools on Ethervista are not at risk, claiming, “The vulnerability is in the router and can only be exploited to sweep fees.”
Ethervista experiencing other dilemmas
Unfortunately for Ethervista, it’s facing various problems besides accidental exploits. Shou also claimed there is a bug that “uses the fee parameters from the first pool and only pays to the first pool.” He said Ethervista’s swap fee can be “bypassed, and liquidity providers won’t receive any rewards.”
Cointelegraph also reported that crypto researcher Stacy Muur discovered transactions were failing when attempting to remove liquidity from the ETH/USDT pool.
Styled after a classic Windows background, Ethervista launched on August 31 and allows users to create their own tokens on the Ethereum blockchain.
The VISTA token is worth $26.42 at the time of writing, having climbed 120% in two days and possessing a 24-hour trading volume of $76 million.
Source: https://protos.com/ethervista-unconsciously-hacked-hundreds-of-times-by-bot/