
PANews, April 29: According to SlowMist monitoring, a malicious transaction exploiting a vulnerability in an EIP-7702 account was detected, resulting in a loss of 1,988.5 QNT (approximately 54.93 ETH) from the QNT reserve pool. The root cause is that the administrator role of the QNT reserve pool is held by an EOA address, which delegated its code to a BatchExecutor contract through the EIP-7702 mechanism. This BatchExecutor designated an unauthorized BatchCall contract as the authorized caller. However, the BatchCall.batch() function is callable by anyone and performs no permission checks, resulting in an arbitrary call vulnerability that allowed attackers to steal QNT tokens from the reserve pool.
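The trust chain described above can be traced in a small model to show why every individual check passes and where the missing one belongs. This Python sketch is an added example, not code from the affected contracts or from the monitoring report; apart from the names BatchCall and batch(), all class names, method names, addresses and balances are constructed assumptions.

```python
# Constructed model: each method takes `sender` as its first argument to stand in for msg.sender.
class Unauthorized(Exception):
    pass

class ReservePool:
    """Pool whose withdraw() only checks that the caller is the admin address."""
    def __init__(self, admin, balance):
        self.admin, self.balance = admin, balance
    def withdraw(self, sender, to, amount):
        if sender != self.admin:
            raise Unauthorized("pool: caller is not admin")
        self.balance -= amount
        return (to, amount)

class DelegatedEOA:
    """Admin EOA running executor code via an EIP-7702 delegation (hypothetical interface).
    Calls made by that code leave with msg.sender equal to the EOA's own address."""
    def __init__(self, addr, authorized_caller):
        self.addr, self.authorized_caller = addr, authorized_caller
    def execute(self, sender, target, method, *args):
        if sender != self.authorized_caller:
            raise Unauthorized("executor: caller not authorized")
        return getattr(target, method)(self.addr, *args)

class BatchCall:
    """Relay trusted by the executor; checked=False models a batch() with no permission check."""
    def __init__(self, addr, owner, checked):
        self.addr, self.owner, self.checked = addr, owner, checked
    def batch(self, sender, calls):
        if self.checked and sender != self.owner:
            raise Unauthorized("batch: caller is not owner")
        return [getattr(t, m)(self.addr, *a) for t, m, a in calls]

def simulate(checked, caller="0xOutsider"):
    """Pool balance after `caller` routes a withdrawal through the relay."""
    relay = BatchCall("0xBatchCall", owner="0xOperator", checked=checked)
    eoa = DelegatedEOA("0xAdminEOA", authorized_caller=relay.addr)
    pool = ReservePool(admin=eoa.addr, balance=1000)
    try:
        relay.batch(caller, [(eoa, "execute", (pool, "withdraw", caller, 1000))])
    except Unauthorized:
        pass  # the request was rejected at the relay
    return pool.balance

if __name__ == "__main__":
    print("open batch():", simulate(checked=False))    # pool drained
    print("checked batch():", simulate(checked=True))  # pool intact
```

In the open case the pool and the executor both see a caller they trust, so the only effective control point is the relay's own caller check (or not authorizing an open relay at all).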