Hackers bypassed transaction simulation and stole 143 ETH

2025/01/16
At the beginning of January, a major attack hit a Web3 wallet user. The victim lost 143.45 ETH, equivalent to $460.89 thousand. The attack works by changing the blockchain state after the wallet has simulated a transaction, so the result shown to the user no longer matches what the transaction does when executed, which allowed the attackers to deceive the system and withdraw the funds.
Transaction simulation has become an important feature of modern wallets. It lets the user see the expected result before signing a transaction. In this case, however, that very feature became the weak point: hackers use the delay between simulation and actual execution to manipulate on-chain state to their advantage.
The scheme is simple but effective. The user is lured to a phishing site with an offer of, for example, "free tokens." The site generates a transaction, and the wallet shows a simulated result in which the user supposedly receives a minimal amount of ETH. Immediately afterwards, the hackers change the state of the contract. As a result, the victim signs a transaction that, instead of delivering funds, completely empties the wallet.
“In this case, the state modification occurred in just 30 seconds between the simulation and the signature. This time was sufficient to completely change the logic of the contract, making the attack almost undetectable. The level of automation and speed of hackers’ actions is impressive, highlighting the need for additional protection,” noted Scam Sniffer experts.
To prevent such attacks, experts recommend several measures. First, carefully check the transaction details and avoid interacting with suspicious sites. Second, use only proven and reliable dApps. Proposals to improve wallets are also being actively developed. These include updating the simulation based on the current block time, displaying timestamps and block numbers for simulation results, and implementing risk warning systems. All this should help users minimize the likelihood of funds being stolen.
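The wallet-side proposals above (refreshing the simulation and showing its block number and timestamp) can be illustrated with a small in-memory model. This is an added example, not code from the article, Scam Sniffer, or any wallet; `simulate`, `checkBeforeSigning`, the addresses, balances and block values are all constructed for illustration.

```javascript
// Added example: an in-memory model, not a real wallet or RPC API.
// simulate, checkBeforeSigning and the chain objects are hypothetical names.

// Stand-in for a dry run: the result of the same call depends on the
// contract state at the block it is executed against.
function simulate(tx, chain) {
  const contract = chain.contracts[tx.to];
  const deltaWei = contract.mode === "payout"
    ? contract.payoutWei             // user receives a small amount
    : -chain.balances[tx.from];      // user's whole balance leaves the wallet
  return { deltaWei, blockNumber: chain.blockNumber, timestamp: chain.timestamp };
}

// Called when the user clicks "sign": re-simulate on the latest block and
// compare with the preview the user was shown.
function checkBeforeSigning(tx, preview, chain) {
  const fresh = simulate(tx, chain);
  const warnings = [];
  const ageBlocks = fresh.blockNumber - preview.blockNumber;
  if (ageBlocks > 0) {
    const ageSeconds = fresh.timestamp - preview.timestamp;
    warnings.push(`preview is ${ageBlocks} block(s) / ${ageSeconds}s old`);
  }
  const changed = fresh.deltaWei !== preview.deltaWei;
  if (changed) {
    warnings.push(`outcome changed: ${preview.deltaWei} -> ${fresh.deltaWei} wei`);
  }
  // Never sign against a preview that no longer matches current state.
  return { allowSign: !changed, warnings, fresh };
}

// Constructed scenario: contract state changes 30 seconds after the preview.
const tx = { from: "0xUSER", to: "0xCLAIM" };
const atPreview = {
  blockNumber: 100, timestamp: 1000,
  balances: { "0xUSER": 5n * 10n ** 18n },
  contracts: { "0xCLAIM": { mode: "payout", payoutWei: 1n } },
};
const atSigning = {
  ...atPreview, blockNumber: 102, timestamp: 1030,
  contracts: { "0xCLAIM": { mode: "drain", payoutWei: 1n } },
};

const preview = simulate(tx, atPreview);
const unchanged = checkBeforeSigning(tx, preview, atPreview);
const stale = checkBeforeSigning(tx, preview, atSigning);
console.log(unchanged.allowSign, stale.allowSign, stale.warnings);
```

The stale case is rejected with both a freshness warning and an outcome-mismatch warning, which is the information the proposed timestamp and block-number display would surface to the user.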