Old 1inch Address Used by Malefactors’ Contract


article image

Vladislav Sopov

Attackers deployed malicious contract to old address of one of most popular DeFi protocols, 1inch

Contents

Seasoned developer Justin Bebis, CEO of Byte Masons Web3 development studio, reported that one of the old wallets of 1inch Network (1INCH) addresses is abused by malefactors.

Old Fantom (FTM) wallet of 1inch Network under attack

Bebis has taken to Twitter to inform users that an old address on the Fantom (FTM) network that was previously used by 1inch Network (1INCH) multi-blockchain DeFi protocol, is controlled by malefactors.

The attackers deployed a malicious contract to the address 0x11111112542d85b3ef69ae05771c2dccff4faa26. As such, all DeFi users who interacted with the contract put their money at risk.

Bebis asked all Fantom (FTM) users who had approved transactions with the aforementioned compromised address involved to immediately revoke them.

Ads

As of printing time, the address is labeled as an “Exploit” and  “Phish/Hack” address by a major Fantom (FTM) network explorer service FTMScan. It is highly likely that the attackers use the same vector as the recent exploit of “Profanity” addresses that made headlines in mid-September 2022.

1inch co-founder Sergej Kunz announces refund program

Back then, attackers exploited the generators of “vanity” (partially human-readable) addresses; they accessed key generation instruments and drained over $3.3 million.

Following Bebis’ alert, Sergej Kunz, one of the 1inch Network founders, explained that some users of API endpoints authorized transactions to a Fantom address that, in fact, only existed on the Ethereum (ETH) network (Ethereum and Fantom contracts use the same 0x-like addresses).

Also, Kunz stated that a refund program had been launched and he had already informed affected users. He also stated that law officers of 1inch are ready to report the attack to the police.

Source: https://u.today/scam-alert-old-1inch-address-used-by-malefactors-contract