BTC $62,560.81 -2.42%
ETH $1,775.75 -2.45%
BNB $568.10 -2.08%
XRP $1.07 -2.26%
SOL $75.79 -1.92%
TRX $0.3260 -1.46%
DOGE $0.0720 -2.09%
ADA $0.1588 -3.30%
BCH $238.16 -2.76%
LINK $7.94 -1.42%
HYPE $64.02 -5.30%
AAVE $95.30 -3.34%
SUI $0.7281 -2.03%
XLM $0.1835 -2.28%
ZEC $509.71 -3.86%
BTC $62,560.81 -2.42%
ETH $1,775.75 -2.45%
BNB $568.10 -2.08%
XRP $1.07 -2.26%
SOL $75.79 -1.92%
TRX $0.3260 -1.46%
DOGE $0.0720 -2.09%
ADA $0.1588 -3.30%
BCH $238.16 -2.76%
LINK $7.94 -1.42%
HYPE $64.02 -5.30%
AAVE $95.30 -3.34%
SUI $0.7281 -2.03%
XLM $0.1835 -2.28%
ZEC $509.71 -3.86%

慢雾:Little Boy Plus 遭遇攻击,损失约 37.8 万美元

2026-06-18 10:11:55
收藏

ChainCatcher 消息,据慢雾监测,Little Boy Plus 遭遇攻击,损失约 377,642 枚 USDT(约 610.555 枚 BNB)。漏洞原因在于 LBPHashrate 合约的 _update 函数可通过零值 transferFrom 调用触发,绕过 OpenZeppelin 的授权检查,攻击者可无需授权调用该函数,触发 _harvest 并通过 LBP.mintReward 向 PancakePair 地址铸造 LBP 代币。铸造的 LBP 增加对池余额但不改变储备,攻击者随后通过 PancakePair.swap 耗尽 USDT。

app_icon
ChainCatcher 与创新者共建Web3世界