Foresight News reports that, according to CertiK monitoring, the privacy gaming project FOOMCASH’s lottery contract experienced a vulnerability exploit (or white-hat rescue operation), involving approximately $1.8 million. The root cause of the vulnerability may be related to its Groth16 verifier setup, allowing attackers to repeatedly collect ZOOM tokens when all other inputs remain the same.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Bitrefill Discloses Suspected North Korean Hacker Attack on March 1, With Approximately 18,500 Customer Purchase Records Leaked
Bitrefill suffered a cyberattack on March 1st that resulted in the leakage of approximately 18,500 customer records. The attack originated from a compromised employee laptop, using tactics similar to those of North Korean hacker groups. The company has isolated its systems and is working with experts to restore operations while strengthening cybersecurity measures.
GateNews5h ago
Slow Mist Yu Xian: MoreLogin Users Suspected of Bulk Coin Theft, Hacker Address Profited Approximately $85,000
Slowmist founder余弦 warned on X platform that multiple users have suffered theft incidents, with suspicions that private keys or seed phrases were collected by hackers. The hacker address has profited approximately $85,000, with some community members suspecting a connection to MoreLogin fingerprint browser, though no conclusive evidence has been found yet. Calling on victims to provide relevant information for investigation.
GateNews7h ago
A Chinese hacker group exposed itself due to an internal dispute over the division of stolen funds, having stolen approximately 7 million USD in cryptocurrency assets.
A hacker group has engaged in internal conflict over profit-sharing disputes, publicly exposing that they stole approximately $7 million in cryptocurrency assets through supply chain attacks. The group impersonated a network security company and used automated tools to obtain seed phrases and steal multi-chain wallet data, involving 37 types of tokens. The whistleblower plans to surrender to law enforcement, and details of the incident are pending investigation.
GateNews8h ago
CertiK Warns Security Risks in AI Agent Marketplaces Despite Next-Gen Skill Scanning
CertiK has revealed significant security vulnerabilities in AI agent marketplaces, emphasizing that current detection methods are inadequate. The research advocates for enhanced runtime security and skill isolation to prevent potential compromises from undetected malicious code.
BlockChainReporter10h ago
National Security Department Releases "Lobster" (OpenClaw) Secure Farming Manual, Proposing Four Major Risk Hazards and Countermeasures
On March 17, the National Security Department released the "Lobster" Security Hardening Guide, which identified breeding risks including host takeover and data theft. It recommends checking control interfaces, permission configurations, credential security, and plugin sources, emphasizing the principle of least privilege and implementation of isolation measures.
GateNews10h ago
