Slow Fog: The core reason for the zkLend theft lies in the market contract using the safeMath library
ChainCatcher message, regarding today's zkLend theft of over 9 million dollars, SlowMist released an analysis stating that the core reason for this attack lies in the safeMath library used in the market contract. During division calculations, direct division was used, resulting in a rounding vulnerability when calculating the actual amount of zToken that needs to be burned during withdrawals. Attackers may exploit this vulnerability to gain illegal benefits.
Users are advised to closely monitor their asset status on zkLend and temporarily halt any deposit actions related to zkLend to avoid potential losses.
ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.
