A malicious smart contract on the Arbitrum chain caused a loss of $2.7M by minting fraudulent SUN tokens. The attack took advantage of an upgraded mgmt smart contract and used the Across bridge to fund the initial wallet. The attacker immediately swapped the tokens for USDT and WETH, resulting in additional losses. This comes after another vulnerable smart contract was drained of $93K just days prior. Users of Radiant Capital were also affected by a hack resulting in $50M in losses. The SUN token had limited supply and was intended as a store of value for decentralized finance. Most SUN tokens were held in a single wallet owned by the Sunray DEX. The Sunray DEX reported suspicious activity from its treasury but may be unable to retrieve the tokens. The project is associated with SoftBank but is not listed on its portfolio page. The investigation is ongoing, and it is unclear if SoftBank will face losses.
- Content Editor ( cryptopolitan.com )
- 2024-10-30
Malicious smart contract causes $2.8M in SUN token losses on Arbitrum