PANews reported on February 12 that in response to the attack on zkLend where more than $9 million was stolen, SlowMist released an analysis on the X platform saying that the core reason for the attack was the safeMath library used in the market contract. When performing division calculations, direct division was used, resulting in a rounding down vulnerability when calculating the actual number of zTokens that need to be destroyed during withdrawal operations. Attackers may use this vulnerability to illegally obtain profits. SlowMist reminds users to pay close attention to the status of their assets on zkLend and temporarily stop recharging actions related to zkLend to avoid possible losses.
SlowMist: The core reason for the zkLend attack is the safeMath library used in the market contract
Comment
关注PANews官方账号,一起穿越牛熊
- @PANewsCN
- Telegram资讯频道
- Telegram交流群
- PANews微信群
添加好友,备注「交流」进群
Recommend Reading
2025-03-27Duplicate transactions in Bitcoin: a fun bug with minimal risk
2025-03-27CZ: A large amount of information has been pouring in since Reachme.io went online, and the fee for each message has been increased to 0.2 BNB
2025-03-27Ethereum Governance Observation: EIP-2537 Pre-Assembly Process
2025-03-27Hyperliquid was attacked again, a 2-hour life-or-death thriller, and there is no winner in the hunting game of top exchanges
Tether: T3 FCU has frozen $9 million in funds related to the Bybit hack
OKX: The recent routine maintenance of the wallet system has caused deviations in the statistics of the third-party data platform. User assets are safe and can be charged and withdrawn normally.
