CertiK: FOOMCASH lottery contract may have been exploited, resulting in a loss of approximately $1.8 million

Foresight News reports that, according to CertiK monitoring, the lottery contract of the privacy gaming project FOOMCASH was hit by a vulnerability exploit (or a white-hat rescue operation) involving approximately $1.8 million. The root cause may be related to the contract's Groth16 verifier setup, which allowed attackers to repeatedly collect ZOOM tokens while all other inputs remained the same.

