Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
Stablecoin protocol Seneca hit by $6 million exploit due to smart contract flaw

Stablecoin protocol Seneca hit by $6 million exploit due to smart contract flaw

The BlockThe Block2024/02/29 06:14
By:The Block

Quick Take Stablecoin protocol Seneca suffered an exploit, resulting in a loss of more than $6 million. The exploit was traced back to a flaw in the protocol’s smart contract approval mechanisms.

Stablecoin protocol Seneca hit by $6 million exploit due to smart contract flaw image 0

Stablecoin protocol Seneca suffered an exploit, leading to a loss of more than $6 million on Ethereum and Arbitrum networks.

The exploit was pinpointed to an issue within the protocol’s smart contract approval mechanisms — which was exploited by attackers to divert funds.

Security analysts from Blocksec identified the root cause of the breach as an “arbitrary call issue” within Seneca’s smart contracts.

The project’s contracts didn’t have code that could let the team pause it — instead, users had to revoke permissions. The stolen assets are reported to be more than 1,900 ETH ($6 million).

This vulnerability allowed the attacker to make unauthorized transfers of tokens from the project’s contract to an external address controlled by the attacker. “The root cause was an arbitrary call issue, hence approvals to the vulnerable contract can be transferred out,” Blocksec CTO Lei Wu told The Block.

The Seneca team acknowledged the incident and urged users to revoke previously granted permissions in an effort to prevent further unauthorized transactions.

Seneca is a decentralized finance project that allows users to mint and borrow its stablecoin, senUSD, against other crypto assets — a stablecoin mechanism also called a collateralized debt position.

The Seneca token went down by more than 60% following the exploit — dropping from around $0.1 to under $0.04.


0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

Congress’s top priorities this lame duck session

Here’s a look at what lawmakers are most focused on in these final weeks of the 118th Congress

Blockworks2024/11/26 18:33

BTC breaks through $94,000

Cointime2024/11/26 16:55