The exactInputV3Swap function of Transit Finance was attacked due to the lack of legal verification of the pool input.
Beosin's EagleEye security risk monitoring, warning and blocking platform has detected an attack on the Transit Finance project. Beosin's security team analyzed and found that the exactInputV3Swap function in Transit Finance's SwapRouter was attacked due to a lack of valid input verification for the pool, which allowed the attacker to control the actualAmountIn in the first exchange by passing a fake pool and WBNB/BUSD pool path in the 0x93ae5...6de1081 transaction. This caused the SwapRouter to use the fake actualAmountIn as the initial value for the exchange in the WBNB/BUSD pool, resulting in the theft of BUSD from the SwapRouter.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Writers protest in London against Meta over AI trained using copyrighted work
Share link:In this post: Artists and writers protested against Meta at its London office for copyright infringement. The writers are angry at the social media firm for using their work to train its AI models without their permission. Meta however defended its position arguing it “respects third party intellectual property.”
Trump Family Crypto Pivot – Eric Trump Embraces Crypto & Trump's Empire Expands
Pornhub adds Bitcoin and Litecoin payments for Premium Subscription
S&P 500 and Nasdaq go deeper into correction as Russell 2000 enters bear market
Trending news
MoreCrypto prices
More
