Lumi Finance on Arbitrum Attacked, Loses $270,000 Due to Smart Account Flaw

ARB-2.64%
According to ChainCatcher, Lumi Finance on Arbitrum suffered an attack on July 13, resulting in losses of approximately $270,000. GoPlus analysis identified the vulnerability in the Sodium smart account contract (ERC-4337), specifically in the validateUserOp function's signature validation logic. The flaw allowed attackers to bypass verification and execute token approve operations, granting unauthorized ERC-20 token withdrawal permissions from multiple smart accounts.
Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments