#CommunityAlert 🚨
#Arbix Finance has been identified as #rugpull. Privileged functionalities appear in the identified smart contracts.
The team is looking into it.
DO NOT interact with the project!
#Arbix Finance has been identified as #rugpull. Privileged functionalities appear in the identified smart contracts.
The team is looking into it.
DO NOT interact with the project!
Incident Analysis👇
1. $ARBX contract has mint() with onlyOwner function
2. 10M $ARBX were minted to 8 addresses
3. ~4.5M ARBX were minted to: 0x161262d172699cf0a5e09b6cdfa5fee7f32c183d
4. The 4.5M ARBX were then dumped
1. $ARBX contract has mint() with onlyOwner function
2. 10M $ARBX were minted to 8 addresses
3. ~4.5M ARBX were minted to: 0x161262d172699cf0a5e09b6cdfa5fee7f32c183d
4. The 4.5M ARBX were then dumped
The funds deposited by users ($10M) were directed to unverified pools via the depositor contract
The hacker drained all assets from the pools
Depositor address: tinyurl.com/2p983z9d
1 of the unverified pools: tinyurl.com/yp4dj38v
Hacker address: tinyurl.com/4x98ef26
The hacker drained all assets from the pools
Depositor address: tinyurl.com/2p983z9d
1 of the unverified pools: tinyurl.com/yp4dj38v
Hacker address: tinyurl.com/4x98ef26
#SkyTrace Analysis
#Arbix #rugpull incident follow-up.
The attacker moved the rugged funds to #Ethereum thru AnySwap USDT. The fund is being held in the address: 0xdc85c1eb22b0ece7be559a83fd788fe57f5a7a9f
Check out more with SkyTrace 👇
certik.com/skytrace/eth:0…
#Arbix #rugpull incident follow-up.
The attacker moved the rugged funds to #Ethereum thru AnySwap USDT. The fund is being held in the address: 0xdc85c1eb22b0ece7be559a83fd788fe57f5a7a9f
Check out more with SkyTrace 👇
certik.com/skytrace/eth:0…
The exploited contract was not in the audit scope that was done for Arbix. The project inserted eight `mint()` functions to a newly deployed ARBX ERC20 contract which allowed the owner to mint any amount of ARBX tokens to any address.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
