Era Lend on zkSync exploited for $3.4M in reentrancy assault

Generation Lend on zkSync exploited for $3.4M in reentrancy attack

Lending app Generation Lend on zkSync has been exploited for $3.4 million price of crypto, in line with a July 25 file from blockchain security firm CertiK. The attacker ancient a “be taught-most attention-grabbing reentrancy attack” to empty the funds, which is a form of attack that interrupts a multi-step project and then causes it to proceed after a malicious action has been performed. Namely, a “be taught-most attention-grabbing” reentrancy is one which does no longer update the inform of a contract.

Primarily essentially essentially based on the file, the attacker drained funds in two separate transactions using the externally owned story 0xf1D076c9Be4533086f967e14EE6aFf204D5ECE7a. The attacker relied on a vulnerability in “the callback and _updateReserves just” to manipulate a contract into reporting used values that had no longer but been up so far.

Proceed Reading on Coin Telegraph

Content Protection by
  Japan's forex diplomat says Tokyo in fixed FX dialogue with US

Drop your queries here! ↴ we will answer you shortly.