Fairyproof’s Analysis of the Attack on Vulcan Forged
It was discovered that 148 wallets that held the PRY token were compromised in an attack on Vulcan Forged. In this incident, some crypto…
It was discovered that 148 wallets that held the PRY token were compromised in an attack on Vulcan Forged. In this incident, some crypto assets on both Ethereum and Polygon in these wallets were stolen, including ETH, PYR, USDC, AAG, SAND, NCR, MC, etc. The most exploited token was PYR whose exploited quantity reached 3 million. All these tokens were valued at around 60 million USDs.
The attacker’s address was: 0x48ad05a3B73c9E7fAC5918857687d6A11d2c73B1. The attacker transferred the exploited assets on Polygon to Ethereum and exchanged the ERC-20 tokens to ETHs via “1inch v4: Router” deployed at 0x1111111254fb6c44bAC0beD2854e76F90643097d.
The attacker sent the PYR tokens to the following addresses: 0x36D017ef00a1024B8046eC11C21EC8bea49eb347 and 0x72DA9017193c2475CBAEe4228Addfbcf49668bfF and exchanged them to ETHs and then sent part of the ETHs to 0xe3cD90be37A79D9da86b5E14E2F6042Cd0e53b66
It is worth noting that the wallets that were compromised in this incident were not managed in a decentralized way. VulcanForged stated that it would resort to a 100% decentralized wallet in the near future to mitigate this risk.