Trending News: Crypto Asset Vault RevolutionCoinbase: “September” effect is not fidelity, crypto market will strengthen in early Q4WLFI: From the White House to the Chain The Four-Level Narrative of Rise in a YearQuestions arise, the “estimated proportion” of the US CPI rose to 36%Two-way journey between crypto market and traditional capital marketThe currency circle has attracted money again: Figure US stocks rose 24% in its first show, with a market value of over $6 billion77 stablecoin license application: How to choose from Hong Kong?Grayscale: Macro reasons for favorable encryptionMulticoin Lianchuang: Why SOL is the best asset for DATCrypto exchange Gemini listing in the United States: capital boom and reality of lossesMilan passes the Senate Banking Committee. Will Trump take control of the Federal Reserve?Retrograde from retail investors: From IPO to popularization of cryptocurrenciesMacro research report on the crypto market: Latest outlook for the crypto market under the expectation of interest rate cutsBhutan, the third largest BTC sovereign holder: A look at the crypto tax and regulatory regimeIs the Nasdaq tokenized securities proposal good for Robinhood?SEC key appointment: Supporting crypto cryptographer Moloney takes charge of the company’s finance departmentWill Bitcoin appreciate after interest rate cuts?The currency circle has such a great impact on US regulation, forcing CFTC nominees to complain publiclyNasdaq applies to trade stocks RWA: Will stocks eventually be tokenized?The battle for USDH, a stablecoin giant: a panoramic analysisThe latest speech by the US SEC President: The era of crypto and financial innovation has arrivedJack Ma’s circle of friends is getting lively againIn-depth analysis of market turmoil in SeptemberWhere is the fulcrum of DeFi stablecoins?Why are ETH Maxi and SOL Maxi always facing each other?Ethereum is winning the RWA battleTokenization variants of Ethereum: From encapsulated tokens to liquid staking tokensMYX Finance’s “Business Sutra”: A game of long and short double-hit killGoodbye Crypto World FoundationYunfeng Securities is approved for virtual asset trading services, Jack Ma enters Web3 in all aspectsBitcoin Volatility: Understanding Calm, Chaos and OpportunitiesHong Kong’s principle of “same business, same risks, same rules” is reviewed againCryptocurrencies are meeting Wall Street’s demandBitwise: Solana will usher in explosive marketThinking about “Zhuang Xue” of Cryptocurrency: How to Create a New Track and New NarrativeDoes the United States want to “erase” 35 trillion debt with cryptocurrency?Reexamination of different DAT strategies in the context of Nasdaq’s regulatory tighteningThe entire Crypto Native narrative will be fully developed around ZK zero-knowledge proofGiant whale quietly builds positions, retail investors are still waiting and watching: is the altcoin about to explode?Ripple Chris Larsen: Anti-crypto-orthodox financial payment visionNearly 90% of the world’s central banks cut interest rates, macro data confirms that the crypto bull market is still in its early stagesReplica Tom Lee Another “Wall Street V” leads listed companies to hoard coinsThe dispute over the USDH system route of stablecoin: Deciding the future narrative of HyperliquidPokémon Card Tokenization Current Situation ReportThe craze for currency stock integration: What are the digital asset treasury funds emerging in a concentrated manner?77 stablecoin applications. Is it more or less?Stock Tokenized Trading Nasdaq Interpretation of NasdaqWhat is the structure of the elastic Bitcoin Treasury Company (RBTC)Time Bomb: Analysis of the 2025 US Economic BubbleNasdaq submits an application to the SEC. Can it open the door to tokenization of securities?New framework for market success and the rise of ideological investorsEven a rate cut cannot save Bitcoin?Why is the $120,000 high wall insurmountableEthereum revenue has dropped sharply?Bankless Lianchuang: Someone is demolishing EthereumInterpretation of the highlights of the streamlined Ethereum Minimum zkVM proposed by VitalikThe next chapter of cryptocurrency: From wild growth to mainstream applicationsSome insights into Roadmap that streamlines consensus on EthereumCoin stock hidden story: DAT model equity dilution and infinite back-up moatBecente attacks the Fed: Moderate and moderate long-term interest rates must be adoptedStablecoin Regulation Twin Cities: Hong Kong abides by the rules and the United States lets it go?Lost, Forgotten, or Death Bitcoin is more “scarce” than imagined?Stablecoins lead to tokenized assets, may hit $30 trillion in 2034TokenInsight: The Rise of Stablecoin Exclusive BlockchainWhat does World Liberty Financial have blacklisting?Summary of Silicon Valley study tour: Crypto, AI and the secrets of innovation in Silicon ValleyBehind Jack Ma’s shareholding company buying ETH: Hong Kong listed public is obsessed with virtual currencyBecente wants moderate long-term interest rates. Bank of America: Long gold and digital currencyThe market is right The U.S. bond curve is pricing for the interest rate cut cycleFounder of Tianqiao Capital: Awakening What is the charm of Bitcoin?SEC and CFTC: Let 24/7 transactions, perpetual contracts, DeFi and others return to the United StatesArtificial Intelligence and Web3 Supervision: From a Regulatory PerspectiveThe test of $600 billion: Can the crypto market survive TGA recoup?Ethereum’s latest on-chain big dataIs L2 really protected by Ethereum?Coins, stocks, and debts: A leverage cycle perspectiveTempo Research Report: Payment Layer-1 created by Stripe and ParadigmPokémon card tokenization platform at a glanceEthena’s development: the lightning expansion speed of the stablecoin USDeWhy is Galaxy Digital (GLXY) an undervalued investment opportunityReport: In 2025, corporate Bitcoin holdings exceeded 1.3 million, accounting for 6% of the total supplyAnthony Pompliano: Bitcoin bull market is driven by businessesNasdaq crypto concept stock regulation upgrades, shareholders need to nodThe giant whale turns around BlackRock sells ETH for 150 million US dollars, buying nearly $300 million BTC at the bottomWhat’s going on with the hot stock tokenizationA16z Partners’ Ten Years of Advice for Web3 FoundersJack Ma also bought coins?Ethereum welcomes “new big brother”AI Agent and DAO: Two forms of autonomous will, different paths and the same destinationThe first real on-chain US stock: detailed explanation of the GLXY tokenization of Galaxy StockHow to plan to welcome the Bitcoin boom period (2025 edition)Coin stock hidden story: halved method of slashing the slashing method hidden in equity dilution and mNAV algorithmWill seasonal “curse” become a nightmare for Bitcoin?Shelf life of digital assetsThe symbolic significance of Zhao Changpeng’s return to China: the shift in global cryptocurrency regulationInvestment strategies for the next decade: Holding scarce assets such as gold and BitcoinBasic Research on Singapore’s Crypto Tax System and Supervision System (II)Yunfeng Financial Shops for Ten Thousand ETH How will institutional entry expand the market structureViewpoint: Ethereum Killer narrative is broken, ETH and SOL are overInflation or deflation?The dual-track evolution of the cross-border payment system: the competition between currency bridge and stablecoinsAmerican Bitcoin’s first appearance in the US stock market, giving back most gains after doubling intradayFounder of Bridgewater Fund: US debt storm is coming, is gold and BTC becoming the savior?
Fri. Sep 12th, 2025
Trending News: Crypto Asset Vault RevolutionCoinbase: “September” effect is not fidelity, crypto market will strengthen in early Q4WLFI: From the White House to the Chain The Four-Level Narrative of Rise in a YearQuestions arise, the “estimated proportion” of the US CPI rose to 36%Two-way journey between crypto market and traditional capital marketThe currency circle has attracted money again: Figure US stocks rose 24% in its first show, with a market value of over $6 billion77 stablecoin license application: How to choose from Hong Kong?Grayscale: Macro reasons for favorable encryptionMulticoin Lianchuang: Why SOL is the best asset for DATCrypto exchange Gemini listing in the United States: capital boom and reality of lossesMilan passes the Senate Banking Committee. Will Trump take control of the Federal Reserve?Retrograde from retail investors: From IPO to popularization of cryptocurrenciesMacro research report on the crypto market: Latest outlook for the crypto market under the expectation of interest rate cutsBhutan, the third largest BTC sovereign holder: A look at the crypto tax and regulatory regimeIs the Nasdaq tokenized securities proposal good for Robinhood?SEC key appointment: Supporting crypto cryptographer Moloney takes charge of the company’s finance departmentWill Bitcoin appreciate after interest rate cuts?The currency circle has such a great impact on US regulation, forcing CFTC nominees to complain publiclyNasdaq applies to trade stocks RWA: Will stocks eventually be tokenized?The battle for USDH, a stablecoin giant: a panoramic analysisThe latest speech by the US SEC President: The era of crypto and financial innovation has arrivedJack Ma’s circle of friends is getting lively againIn-depth analysis of market turmoil in SeptemberWhere is the fulcrum of DeFi stablecoins?Why are ETH Maxi and SOL Maxi always facing each other?Ethereum is winning the RWA battleTokenization variants of Ethereum: From encapsulated tokens to liquid staking tokensMYX Finance’s “Business Sutra”: A game of long and short double-hit killGoodbye Crypto World FoundationYunfeng Securities is approved for virtual asset trading services, Jack Ma enters Web3 in all aspectsBitcoin Volatility: Understanding Calm, Chaos and OpportunitiesHong Kong’s principle of “same business, same risks, same rules” is reviewed againCryptocurrencies are meeting Wall Street’s demandBitwise: Solana will usher in explosive marketThinking about “Zhuang Xue” of Cryptocurrency: How to Create a New Track and New NarrativeDoes the United States want to “erase” 35 trillion debt with cryptocurrency?Reexamination of different DAT strategies in the context of Nasdaq’s regulatory tighteningThe entire Crypto Native narrative will be fully developed around ZK zero-knowledge proofGiant whale quietly builds positions, retail investors are still waiting and watching: is the altcoin about to explode?Ripple Chris Larsen: Anti-crypto-orthodox financial payment visionNearly 90% of the world’s central banks cut interest rates, macro data confirms that the crypto bull market is still in its early stagesReplica Tom Lee Another “Wall Street V” leads listed companies to hoard coinsThe dispute over the USDH system route of stablecoin: Deciding the future narrative of HyperliquidPokémon Card Tokenization Current Situation ReportThe craze for currency stock integration: What are the digital asset treasury funds emerging in a concentrated manner?77 stablecoin applications. Is it more or less?Stock Tokenized Trading Nasdaq Interpretation of NasdaqWhat is the structure of the elastic Bitcoin Treasury Company (RBTC)Time Bomb: Analysis of the 2025 US Economic BubbleNasdaq submits an application to the SEC. Can it open the door to tokenization of securities?New framework for market success and the rise of ideological investorsEven a rate cut cannot save Bitcoin?Why is the $120,000 high wall insurmountableEthereum revenue has dropped sharply?Bankless Lianchuang: Someone is demolishing EthereumInterpretation of the highlights of the streamlined Ethereum Minimum zkVM proposed by VitalikThe next chapter of cryptocurrency: From wild growth to mainstream applicationsSome insights into Roadmap that streamlines consensus on EthereumCoin stock hidden story: DAT model equity dilution and infinite back-up moatBecente attacks the Fed: Moderate and moderate long-term interest rates must be adoptedStablecoin Regulation Twin Cities: Hong Kong abides by the rules and the United States lets it go?Lost, Forgotten, or Death Bitcoin is more “scarce” than imagined?Stablecoins lead to tokenized assets, may hit $30 trillion in 2034TokenInsight: The Rise of Stablecoin Exclusive BlockchainWhat does World Liberty Financial have blacklisting?Summary of Silicon Valley study tour: Crypto, AI and the secrets of innovation in Silicon ValleyBehind Jack Ma’s shareholding company buying ETH: Hong Kong listed public is obsessed with virtual currencyBecente wants moderate long-term interest rates. Bank of America: Long gold and digital currencyThe market is right The U.S. bond curve is pricing for the interest rate cut cycleFounder of Tianqiao Capital: Awakening What is the charm of Bitcoin?SEC and CFTC: Let 24/7 transactions, perpetual contracts, DeFi and others return to the United StatesArtificial Intelligence and Web3 Supervision: From a Regulatory PerspectiveThe test of $600 billion: Can the crypto market survive TGA recoup?Ethereum’s latest on-chain big dataIs L2 really protected by Ethereum?Coins, stocks, and debts: A leverage cycle perspectiveTempo Research Report: Payment Layer-1 created by Stripe and ParadigmPokémon card tokenization platform at a glanceEthena’s development: the lightning expansion speed of the stablecoin USDeWhy is Galaxy Digital (GLXY) an undervalued investment opportunityReport: In 2025, corporate Bitcoin holdings exceeded 1.3 million, accounting for 6% of the total supplyAnthony Pompliano: Bitcoin bull market is driven by businessesNasdaq crypto concept stock regulation upgrades, shareholders need to nodThe giant whale turns around BlackRock sells ETH for 150 million US dollars, buying nearly $300 million BTC at the bottomWhat’s going on with the hot stock tokenizationA16z Partners’ Ten Years of Advice for Web3 FoundersJack Ma also bought coins?Ethereum welcomes “new big brother”AI Agent and DAO: Two forms of autonomous will, different paths and the same destinationThe first real on-chain US stock: detailed explanation of the GLXY tokenization of Galaxy StockHow to plan to welcome the Bitcoin boom period (2025 edition)Coin stock hidden story: halved method of slashing the slashing method hidden in equity dilution and mNAV algorithmWill seasonal “curse” become a nightmare for Bitcoin?Shelf life of digital assetsThe symbolic significance of Zhao Changpeng’s return to China: the shift in global cryptocurrency regulationInvestment strategies for the next decade: Holding scarce assets such as gold and BitcoinBasic Research on Singapore’s Crypto Tax System and Supervision System (II)Yunfeng Financial Shops for Ten Thousand ETH How will institutional entry expand the market structureViewpoint: Ethereum Killer narrative is broken, ETH and SOL are overInflation or deflation?The dual-track evolution of the cross-border payment system: the competition between currency bridge and stablecoinsAmerican Bitcoin’s first appearance in the US stock market, giving back most gains after doubling intradayFounder of Bridgewater Fund: US debt storm is coming, is gold and BTC becoming the savior?
Fri. Sep 12th, 2025

SharkTeam: MIM_SMELL was analyzed by the principle of attack event

Source: Sharkteam

On January 30, 2024, MIM_Spell was attacked by Lightning Loan. Due to accuracy, the project party lost $ 6.5 million.

Sharkteam conducted a technical analysis of the incident as soon as possible and summarized the means of security precautions. I hope that subsequent projects can be regarded as precepts to build a security defense line in the blockchain industry.

1. Attack transaction analysis

Attack address:

0x87F585809CE79AE39A5FA0C7C96D0D159EB678C9

Attack contract:

0xe1091d17473B049CCCD65C54F71677DA85B77A45

0x13AF445F81B0DECA5DCB2BE6C691F545C95912

0xe59b54a9e37ab69F6E9312A9B3F7253EE184E5A

Being attacked contract:

0x7259e152103756e1616a77ae982353C3751A6A90

Attack transaction:

0x26a83db7e288838dd9fee6fb7314AE58DCC6AEE9A20BF224C386FF5E80F7E4CF2

0xdb4616B89AD82062787A4E924D520639791302476484B9A6ECA5126F79B6D8777

Attack process:

1. The attacker (0x87F58580) borrowed 300,000 MIM tokens through Lightning Loan.

2. Then send 2,40,000 MIM tokens to the attacked contract (0x7259E1520) for the next step to repay the borrowing of users.

3. The attacker (0x87F58580) then called the repayFrall function to repay the borrowing of other users, and then called the repay function to repay the borrowing of other users in order. The purpose is to reduce the Elastic variable to 0.

4. After the Elastic variables are reduced to 0, the attacker (0x87F58580) creates a new attack contract (0xe59b54a9) and continuously calls the calls of BORROW and the REPAY function until Elastic = 0, BASE = 1200801838188666666521504972888 End.

5. Subsequent attacker (0x87F58580) calls the Withdraw function of the BORROW function and Degenbox contract borrowed 5000047 MIM tokens.

6. The attacker (0x87F58580) returned the Lightning Loan function and converted 4400,000 MIM tokens to 1807 ETH, and this transaction made a profit of about 450W.

Second, vulnerability analysis

The essence of the attack is that the accuracy of the borrowing variable is calculated, so that the proportion of key variable Elastic and base values ​​is unbalanced, resulting in problems when calculating the number of mortgages and borrowings, and eventually borrowed MIM token.

The BORROW function and the repay function in the attacked contract (0x7259e1520) use the upward method to calculate the two variables of Elastic and Base.

The attacker (0x87F58580) first set the Elastic variables and base variables to 0 and 97 by repaying other user borrowing.

Subsequently, the BORROW function and the repay function are continuously called and the parameter amount is 1. When the BORROW function first calls the BORROW function, the above IF logic will be executed and returned to the ADD function when Elastic = 0.This will cause elastic = 1, base = 98.

The attacker (0x87F58580) then calls the BORROW function and passed into 1. Because Elastic = 1 will execute Else logic, the calculated return value is 98. When returning to the ADD function, elastic = 2, the base variable is 196.

But at this time the attacker (0x87F58580) called the repay function and passed into 1. Since Elastic = 2, the ELSE logic will be executed., Resulting in the calculated return value 1, so that when returning to the SUB function, the Elastic variable change back 1, and the base variable is 195.

It can be seen that after experiencing the BORROW-REPAY loop, the Elastic variables remain unchanged and the base variable is almost doubled. Using this vulnerability, the hacker frequently perform the BORROW-Re guay function loop, and finally call the repay again, and finally make elastic = 0 base =120080183810681886665215049728.

When the proportion between Elastic and Base variables is seriously imbalance, the attacker (0x87F58580) can be added with a little mortgage to borrow a large number of MIM tokens through the restrictions in the Solvent modifier.

3. Safety suggestion

In response to this attack, we should follow the following precautions during the development process:

1. When calculating the relevant logic of the development accuracy, carefully consider the accuracy and the whole situation.

2. Before the project is launched, a professional third -party audit team needs to conduct smart contract audits.

    • jakiro

    Related Posts

    WLFI’s first show soared and returns, the cryptocurrency circle “paid” $5 billion in Trump’s family
    WLFI’s first show soared and returns, the cryptocurrency circle “paid” $5 billion in Trump’s family

    Author: Ye Zhen, Wall Street News World Liberty Financial, a cryptocurrency project linked to the Trump family, has made its market debut. Although its core token WLFI quickly fell back…

    Continue reading
    What’s going on in the U.S. government puts GDP data on the chain
    What’s going on in the U.S. government puts GDP data on the chain

    Written by: AIMan@Bitchain Vision The US government has made another on-chain action. On August 28, 2025, the U.S. Department of Commerce announced that it will release actual gross domestic product…

    Continue reading

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    Investment Research

    Crypto Asset Vault Revolution

    • By jakiro
    • September 12, 2025
    • 0 views
    Crypto Asset Vault Revolution
    Investment Research

    Coinbase: “September” effect is not fidelity, crypto market will strengthen in early Q4

    • By jakiro
    • September 12, 2025
    • 0 views
    Coinbase: “September” effect is not fidelity, crypto market will strengthen in early Q4
    Investment Research

    WLFI: From the White House to the Chain The Four-Level Narrative of Rise in a Year

    • By jakiro
    • September 12, 2025
    • 0 views
    WLFI: From the White House to the Chain The Four-Level Narrative of Rise in a Year
    Investment Research

    Questions arise, the “estimated proportion” of the US CPI rose to 36%

    • By jakiro
    • September 12, 2025
    • 0 views
    Questions arise, the “estimated proportion” of the US CPI rose to 36%
    Investment Research

    Two-way journey between crypto market and traditional capital market

    • By jakiro
    • September 12, 2025
    • 4 views
    Two-way journey between crypto market and traditional capital market
    Investment Research

    The currency circle has attracted money again: Figure US stocks rose 24% in its first show, with a market value of over $6 billion

    • By jakiro
    • September 12, 2025
    • 0 views
    The currency circle has attracted money again: Figure US stocks rose 24% in its first show, with a market value of over $6 billion
    Home
    News
    School
    Search