Due to contract changes, GALA tokens are at risk of "fake top-ups," which have recently been exploited by hackers

2023-09-13 12:33:44

Collection

ChainCatcher news, according to X-explore, due to contract changes, there is a "fake recharge" risk for GALA on CEX. On September 6, hackers exploited this vulnerability and withdrew all GALA worth 2.7 ETH from Coinhub.

According to analysis, the token GALA of Gala Game underwent a significant upgrade on May 15, 2023, updating the token contract address. As a result, there are now two types of tokens in circulation, both called GALA, with the price ratio of the old Gala to the normal Gala being 1:12. Attackers have been using the old Gala token to recharge on various exchanges since July 27 of this year to test the fake recharge.

Meanwhile, the hackers were also involved in the LDO "fake recharge" incident and the Nomad Bridge attack in August last year. On September 6, the hackers recharged the old GALA token to CoinHub, successfully making the exchange treat the recharged old GALA as normal Gala tokens. Subsequently, the hacker withdrew real Gala, leaving only $168 worth of Gala in the exchange's hot wallet, and the hacker earned 2.7 ETH.

Previously, Slow Mist disclosed that the LDO token contract had a potential "fake recharge" risk, to which Lido responded that the risk was within expectations, and both LDO and stETH remain safe.

(Source Link)

Related tags

GALA hacking attack

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.