Trading firm Hashflow is facing an ongoing exploit that has taken at least $600,000 in ether and arbitrum.
The vulnerability appears to refer to the firm’s bridge contract, according to PeckShield. Hashflow offers cross-chain swaps as part of its trading service.
PeckShield said the exploit related to contract approvals. Since the exploit started, it seems that Hashflow has moved to revoke approvals for multiple tokens.
The affected address is the Hashflow deployer address labelled on Etherscan. The exploit affects the contract on at least the Ethereum, Binance Smart Chain, Polygon and Avalanche chains.
Hashflow did not immediately respond to a request for comment.
© 2023 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source: https://www.theblock.co/post/234671/trading-firm-hashflow-faces-ongoing-exploit-with-600000-lost-so-far-peckshield?utm_source=rss&utm_medium=rss