Trending News: 9 important investment experiences of BuffettWall Street Journal: Why did Buffett retire?Who is the next successor?Fartcoin’s farts resounded through Wall StreetEight narrative directions and related projects worth paying attention toBitcoin and cryptocurrencies are occupying Wall StreetWhat is the real driving force behind Ethereum’s rise in this round?The inevitability of MEV: On-chain game you can’t seeShould SOL be trading at 68% lower than ETH?Web3 lawyer decryption: What kind of RWA do you understand?Xiao Feng’s graduation speech to entrepreneurs: Crossing the gap and returning to the originNew and old memes are rising together. Is it necessary for the bull market to start or will the dealer save himself?Stablecoins are subversive. Who will become a disruptor?US SEC Chairman: Rules for issuance, custody and transaction of crypto assetsWhat is RISC-V Why does Vitalik want to use it for smart contracts?Bitcoin in the countyEthereum Pectra upgradeA 40% surge in 3 days. Will Ethereum take off?DeFi on Bitcoin: Is it finally interesting?Tether USDT expands its stablecoin empire starting from USDT0a16z: Fintech companies embrace stablecoins in fullCoinbase: What is the main driving force for the crypto market this week?What changes will happen to Ethereum after Pectra is upgraded and launched?Is Ethereum complacent on fees?Is rollup based a long-term solution?Wall Street Journal reveals Musk scandal and wins Pulitzer PrizeCold thinking under the current market RWA crazeWhat are the positive factors that will make BTC break the $100,000 mark? How much will it rise this timeThe truth about encryption in 2025: HODL is dead, DAO becomes a joke, DeFi exitsGolden Encyclopedia | What is a Bitcoin memory pool?How does it work?Account abstraction 10 years of evolution finale View the past and future through EIP-7702Ethereum Foundation responds to the “coin selling” incident and explains the three core strategies in detailWill Bitcoin benefit from weakening the US dollar index?Ethereum Pectra upgrades to add new features. Will the price of ETH rise?A pre-provocative death: The money and human nature behind Jeffy’s fake deathWall Street Legend Strict Warning: US Stocks Will Crash Low, AI May Extinction 50% of HumanityGalaxy: A complete analysis of the content and significance of the GENIUS Act in the United StatesBankless: What is Vitalik’s expectations for the Ethereum basic layerHouse of Representatives Draft Crypto: Digital Assets Definition Clearly, Regulatory Blanks To Be FilledGolden Encyclopedia | Can general artificial intelligence really think like humans?Bitwise: Watch Washington The rising crypto risks from CongressFranklin Templeton supports Bitcoin DeFi: Expanding Activity for Investors8% of Bitcoins are purchased by institutions Who are holding huge amounts of BitcoinsWhite House personnel turmoil, Musk bid farewell with two hatsA quick look at the current development status of DefiAave and Lido become the highest protocol for TVL Solana is ranked second largest public chainWhen Dubai’s beach meets the most real Web3 resonanceReality slaps Web3 in the face How far is we from the real “decentralization”?Binance removed from the shelves but soared. Alpaca dealer’s extreme tradingCapitalists and madmen who rushed to memeWeb3 Paradox: How Transparency Builds Trust and How to Disintegrate TrustGrayscale: How Ethereum maintains pricing power by executing scaling strategiesGrayscale: Understand pledge rewards How to earn income from crypto assetsThe Ethereum Foundation’s new era: dual leadership and strategic transformationSanshang Yuya issued coins: a crypto-demonic wind with top trafficThe Pectra mainnet is confirmed to be activated on May 7. What updates are there?The Ethereum Foundation sets off again: new management, vision and focus for the next yearCapitalism kills the soul of Web3 every dayCoingecko: How much Bitcoin will governments hold in 2025?Golden Encyclopedia | Why is sUSD decoupled?How to avoid decoupling?Conversation Vitalik Buterin: Fusaka upgrade is planned in the second half of the yearThree reasons why Ethereum is in troubleCan altcoin ETFs avoid the fate of Ethereum ETFs?a16z: Stablecoin GuideWhat is a reciprocal tariff?How does it affect the crypto industry?Web3 Entertainment New Era: How Short Shows Unlock Personal Influence Growth PasswordWho is continuing to buy BTC crazy?Institutions “break up” with Ethereum but still can’t let go ETHBeyond motivation: How to build a lasting DeFi ecosystemBinance launches Alpha points, understand all the rulesAvail Lianchuang: Ethereum may bring high throughput chain through the expansion of multiple L2sParadigm Huang Gongyu: Details of early investment in Zhang Yiming, encryption technology trendsGlassnode: Has the sentiment in the crypto market completely changed?谁在获利?What is the bottom of Ethereum?Is the ETH bull market coming soon?Golden Encyclopedia | What is quantitative easing?How does it work?Web3 Entrepreneurship New Logic under the New Global Trade OrderRussia’s Ministry of Finance and Central Bank intends to launch national cryptocurrency exchangesEthereum Pectra Upgrade GuideTrump: My $300 million TRUMP has just been unlocked. Don’t run and come and play the rankingsRethinking Bitcoin’s Lightning Network Design through Thunderbolt’s PerspectiveCrypto market may usher in a trend reversal to capture investment opportunities from short-term capital10K Quarterly Report: How to Find Definition in the Uncertainty Crypto IndustryLeaping Ethereum AsylumHow is the “outdated” superstar protocol of Web3 now?Coingecko: Can artificial intelligence agents invest better?Hayes: In-depth analysis of tariff wars and treasury bonds and why BTC will break new highsMeme Coin did not destroy this cycle, but accelerated the maturity of the industryBankless: Vitalik’s virtual machine proposalBankless: What are the decentralized content creation platforms worth paying attention to?Can Ethereum regain its strength?Three key problemsTrump tariffs: a unilateral blackmailWikiLeaks, Google and Bitcoin: What challenges does BTC face in 2011?The dollar credit was cut in the middle, and gold soaredChuan Diudu Can you fire Boss Bao?VIRTUAL’s investment valueOn the “Pattern” of Digital City-StateAfter the tariff war: How global capital rebalancing will affect BitcoinEthereum’s crossroads: a strategic breakthrough in reconstructing the L2 ecosystemEthereum is brewing a deep technological change led by ZK technologyBTC 2025 Q3 Outlook: When will the crypto market top again?Is Base “stealing” Ethereum’s GDP?Vitalik’s new proposal: RISC-V as the virtual machine language for EVM smart contracts
Thu. May 15th, 2025
Trending News: 9 important investment experiences of BuffettWall Street Journal: Why did Buffett retire?Who is the next successor?Fartcoin’s farts resounded through Wall StreetEight narrative directions and related projects worth paying attention toBitcoin and cryptocurrencies are occupying Wall StreetWhat is the real driving force behind Ethereum’s rise in this round?The inevitability of MEV: On-chain game you can’t seeShould SOL be trading at 68% lower than ETH?Web3 lawyer decryption: What kind of RWA do you understand?Xiao Feng’s graduation speech to entrepreneurs: Crossing the gap and returning to the originNew and old memes are rising together. Is it necessary for the bull market to start or will the dealer save himself?Stablecoins are subversive. Who will become a disruptor?US SEC Chairman: Rules for issuance, custody and transaction of crypto assetsWhat is RISC-V Why does Vitalik want to use it for smart contracts?Bitcoin in the countyEthereum Pectra upgradeA 40% surge in 3 days. Will Ethereum take off?DeFi on Bitcoin: Is it finally interesting?Tether USDT expands its stablecoin empire starting from USDT0a16z: Fintech companies embrace stablecoins in fullCoinbase: What is the main driving force for the crypto market this week?What changes will happen to Ethereum after Pectra is upgraded and launched?Is Ethereum complacent on fees?Is rollup based a long-term solution?Wall Street Journal reveals Musk scandal and wins Pulitzer PrizeCold thinking under the current market RWA crazeWhat are the positive factors that will make BTC break the $100,000 mark? How much will it rise this timeThe truth about encryption in 2025: HODL is dead, DAO becomes a joke, DeFi exitsGolden Encyclopedia | What is a Bitcoin memory pool?How does it work?Account abstraction 10 years of evolution finale View the past and future through EIP-7702Ethereum Foundation responds to the “coin selling” incident and explains the three core strategies in detailWill Bitcoin benefit from weakening the US dollar index?Ethereum Pectra upgrades to add new features. Will the price of ETH rise?A pre-provocative death: The money and human nature behind Jeffy’s fake deathWall Street Legend Strict Warning: US Stocks Will Crash Low, AI May Extinction 50% of HumanityGalaxy: A complete analysis of the content and significance of the GENIUS Act in the United StatesBankless: What is Vitalik’s expectations for the Ethereum basic layerHouse of Representatives Draft Crypto: Digital Assets Definition Clearly, Regulatory Blanks To Be FilledGolden Encyclopedia | Can general artificial intelligence really think like humans?Bitwise: Watch Washington The rising crypto risks from CongressFranklin Templeton supports Bitcoin DeFi: Expanding Activity for Investors8% of Bitcoins are purchased by institutions Who are holding huge amounts of BitcoinsWhite House personnel turmoil, Musk bid farewell with two hatsA quick look at the current development status of DefiAave and Lido become the highest protocol for TVL Solana is ranked second largest public chainWhen Dubai’s beach meets the most real Web3 resonanceReality slaps Web3 in the face How far is we from the real “decentralization”?Binance removed from the shelves but soared. Alpaca dealer’s extreme tradingCapitalists and madmen who rushed to memeWeb3 Paradox: How Transparency Builds Trust and How to Disintegrate TrustGrayscale: How Ethereum maintains pricing power by executing scaling strategiesGrayscale: Understand pledge rewards How to earn income from crypto assetsThe Ethereum Foundation’s new era: dual leadership and strategic transformationSanshang Yuya issued coins: a crypto-demonic wind with top trafficThe Pectra mainnet is confirmed to be activated on May 7. What updates are there?The Ethereum Foundation sets off again: new management, vision and focus for the next yearCapitalism kills the soul of Web3 every dayCoingecko: How much Bitcoin will governments hold in 2025?Golden Encyclopedia | Why is sUSD decoupled?How to avoid decoupling?Conversation Vitalik Buterin: Fusaka upgrade is planned in the second half of the yearThree reasons why Ethereum is in troubleCan altcoin ETFs avoid the fate of Ethereum ETFs?a16z: Stablecoin GuideWhat is a reciprocal tariff?How does it affect the crypto industry?Web3 Entertainment New Era: How Short Shows Unlock Personal Influence Growth PasswordWho is continuing to buy BTC crazy?Institutions “break up” with Ethereum but still can’t let go ETHBeyond motivation: How to build a lasting DeFi ecosystemBinance launches Alpha points, understand all the rulesAvail Lianchuang: Ethereum may bring high throughput chain through the expansion of multiple L2sParadigm Huang Gongyu: Details of early investment in Zhang Yiming, encryption technology trendsGlassnode: Has the sentiment in the crypto market completely changed?谁在获利?What is the bottom of Ethereum?Is the ETH bull market coming soon?Golden Encyclopedia | What is quantitative easing?How does it work?Web3 Entrepreneurship New Logic under the New Global Trade OrderRussia’s Ministry of Finance and Central Bank intends to launch national cryptocurrency exchangesEthereum Pectra Upgrade GuideTrump: My $300 million TRUMP has just been unlocked. Don’t run and come and play the rankingsRethinking Bitcoin’s Lightning Network Design through Thunderbolt’s PerspectiveCrypto market may usher in a trend reversal to capture investment opportunities from short-term capital10K Quarterly Report: How to Find Definition in the Uncertainty Crypto IndustryLeaping Ethereum AsylumHow is the “outdated” superstar protocol of Web3 now?Coingecko: Can artificial intelligence agents invest better?Hayes: In-depth analysis of tariff wars and treasury bonds and why BTC will break new highsMeme Coin did not destroy this cycle, but accelerated the maturity of the industryBankless: Vitalik’s virtual machine proposalBankless: What are the decentralized content creation platforms worth paying attention to?Can Ethereum regain its strength?Three key problemsTrump tariffs: a unilateral blackmailWikiLeaks, Google and Bitcoin: What challenges does BTC face in 2011?The dollar credit was cut in the middle, and gold soaredChuan Diudu Can you fire Boss Bao?VIRTUAL’s investment valueOn the “Pattern” of Digital City-StateAfter the tariff war: How global capital rebalancing will affect BitcoinEthereum’s crossroads: a strategic breakthrough in reconstructing the L2 ecosystemEthereum is brewing a deep technological change led by ZK technologyBTC 2025 Q3 Outlook: When will the crypto market top again?Is Base “stealing” Ethereum’s GDP?Vitalik’s new proposal: RISC-V as the virtual machine language for EVM smart contracts
Thu. May 15th, 2025

Uwu lend is hacked by analysis

background

On June 10, 2024, according to the monitoring of the Slow Misteye Safety Monitoring System, UWU Lend, a platform for digital asset lending services, was attacked by the EVM chain, losing about $ 19.3 million.The slow fog security team analyzed the incident and shared the results as follows:

>

(https://x.com/slowmist_team/status/1800181916857155761)

Related information

Attack address:

0x841ddf093F5188989FA1524E7B893DE6421F47

There is a contract address with vulnerabilities:

0x9bc63333081266e55d88942e277fc809b485698B9
Attack transaction:
0xca1bbf3B320662C89232006F1EC6624B56242850F0F1DADBE4F69ba0d6ac3

0xb3f067618ce54BC26A960B660CFC28F9EA0315E2E9A1A855EDE1508EB4017376

0x242A0FB4FDE0DC2FD42E8DB743CBC197FFA2BF6A036BBA303DF296408B

Attack core

The core point of this attack is that the attacker can directly manipulate the price prophecy machine by conducting a large exchange price of the SUSDE tokens through the price of the SUSDE tokens by using it in the Curvefinance pool, and use the manipulated price to put other assets in the pool.

Attack process

1. The price of Lightning Loan borrowing assets and smashing low USDE:The attacker first borrowed a large amount of assets through Lightning Loan, and exchanged some USDE tokens borrowed from the CURVE pool that could affect the price of Susde to other tokens.

>

2. Create a large number of borrowing loans:Under the current SUSDE price plummeting, a large number of SUSDE tokens are borrowed by excess of other underlying tokens.

>

3. Manipulate the price of the prediction machine again to raise the price of the Susde:By performing reverse exchange operations in the previous Curve pool, the price of Susde quickly increased.

>

4. A large amount of liability for liability:As the price of Susde is quickly pulled up, the attacker can get a large number of borrowed positions to get UWETH.

>

5. Stay in the remaining SUSDE and borrow other underlying tokens in the contract:The attacker has once again deposited SUSDE, which is currently at high prices to borrow more underlying asset tokens.

>

It is not difficult to see that the attacker mainly manipulates the price of Susde to make a large amount of loans at low prices, and liquidates and re -mortgage profit at high prices.We follow up to the prediction machine contract of the SUSDE price.

>

It can be seen that the price of the Susde is to obtain the different prices of 11 USDE tokens from the USDE pool and the UNI V3 pool on the Curvefinance, and then sort and calculate the medium digits based on these prices.

In the calculation logic here, the price of 5 USDE is to directly use the get_p function to obtain the instant spot price of the Curve pool, which leads to an attacker that can directly affect the median price in a large exchange method in a transaction.Calculation results.

>

Misttrack analysis

According to MISTTRACK analysis on the chain, the attacker 0x841ddf093F5188989FA1524E7B893DE64B421F47 made a profit of about $ 19.3 million in this attack, including currency ETH, CRVUSD, BLUSD, USDC. It was replaced with ETH.

>

Through the source of the attack fee of the attacker, the initial funds on the address are from 0.98 ETH transferred to the TORNADO CASH, and then the address also received 5 funds from Tornado Cash.

>

Expansion of the transaction map found that the attacker transferred 1,292.98 ETH to the address 0x48D7C1DD4214B41EDA3301BCA434348F8D1C5EB6. The current balance of the address is 1,282.98 ETH; the attacker transfers the remaining 4,000 ETH to the address to the address BF991841827F37745DDADB563FEB70, currently the balance of this address is 4,010 ETH.

>

Misttrack has grueded related addresses and will continue to pay attention to the dynamic dynamics of the stolen funds.

Summarize

The core of this attack is that the attacker uses the price prophet directly obtaining the directly -spot price and the compatible defect of the compatibility of the median calculation price to manipulate the price of the SUSDE, so as to obtain non -expected profits under the influence of severe spreads to obtain non -expected profits.EssenceThe slow fog security team recommends that the project party enhances the anti -operation capability of the price prophecy, and the design is a safer price proportion machine feeding mechanism to prevent similar incidents from happening again.

    • jakiro

    Related Posts

    A pre-provocative death: The money and human nature behind Jeffy’s fake death
    A pre-provocative death: The money and human nature behind Jeffy’s fake death

    Jessy, bitchain vision Meme in the currency circle has released a new narrative: the death track. On May 6, an obituary of the death of Zerebro Jeffy Yu was released.…

    Continue reading
    Binance removed from the shelves but soared. Alpaca dealer’s extreme trading
    Binance removed from the shelves but soared. Alpaca dealer’s extreme trading

    Jessy, bitchain vision According to common sense, a token is removed from the exchange, which is a major negative news. However, this rule has not been perfectly reproduced on May…

    Continue reading

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    People

    9 important investment experiences of Buffett

    • By jakiro
    • May 15, 2025
    • 3 views
    9 important investment experiences of Buffett
    People

    Wall Street Journal: Why did Buffett retire?Who is the next successor?

    • By jakiro
    • May 15, 2025
    • 5 views
    Wall Street Journal: Why did Buffett retire?Who is the next successor?
    Meme

    Fartcoin’s farts resounded through Wall Street

    • By jakiro
    • May 14, 2025
    • 7 views
    Fartcoin’s farts resounded through Wall Street
    Ethereum

    Eight narrative directions and related projects worth paying attention to

    • By jakiro
    • May 14, 2025
    • 9 views
    Eight narrative directions and related projects worth paying attention to
    Policy

    Bitcoin and cryptocurrencies are occupying Wall Street

    • By jakiro
    • May 14, 2025
    • 11 views
    Bitcoin and cryptocurrencies are occupying Wall Street
    Ethereum

    What is the real driving force behind Ethereum’s rise in this round?

    • By jakiro
    • May 14, 2025
    • 11 views
    What is the real driving force behind Ethereum’s rise in this round?
    Home
    News
    School
    Search