You can check the website statistics yourself or request them from us at [email protected]
On this platform, only organic high-quality traffic
Bitcoin
$ 30,725

Web3 Game Munchables Loses $62.5 Million to Exploit: ZachXBT

Munchables, the web3 gaming platform, faced a major security breach resulting in a loss of $62.5 million in Ethereum, stemming from an exploit on the Blast network.

The confirmation of the exploit came from Munchables themselves via a social media post, revealing that the incident took place on March 26. “Munchables has experienced a breach,” the company announced. “We are actively monitoring transactions and working to halt any further unauthorized movements. Further updates will follow as we gather more information.”

Investigation Suggests Potential Link to Munchables Insider

According to ZachXBT, a prominent figure in the crypto investigation sphere, the individual responsible for the exploit managed to siphon off approximately 17,414 ETH, valued at $62.5 million, as reported by Blastscan.

Further delving into the matter, ZachXBT uncovered a potential link between the exploit and a Munchables employee, given that four developers had recently been recruited by the company.

“Four developers, all linked to the exploiter, were hired by the Munchables team, and there’s a strong likelihood they are the same individual, given their mutual recommendations for the job,” ZachXBT revealed.

Moreover, the suspect was found to have consistently transferred payments to the same two exchange deposit addresses and had been funding each other’s wallets. ZachXBT took the initiative to disclose the GitHub usernames associated with the alleged exploiter, cautioning the community about the situation.

Exploit Rooted in Upgrade Manipulation

Solidity developer 0xQuit disclosed in a post that the Munchables exploit was premeditated, pointing out that a developer had made modifications to the Lock contract just before the game’s launch. This particular contract was intended to secure tokens for a specified duration.

“The Munchables exploit was planned from the moment of deployment,” 0xQuit asserted, underscoring the platform’s vulnerability due to being a “dangerously upgradeable proxy.” The exploiter took advantage of this upgradability to allocate themselves 1 million ETH, allowing them to withdraw the deposit.

“From an outsider’s perspective, the contract would appear normal if they were unaware of the original implementation,” 0xQuit elaborated. Even if the developer had transferred ownership back to the team, the damage had already been inflicted, discouraging further reliance on such upgradeable features.

In response to the catastrophic incident, the Munchables team has pledged to provide all pertinent private keys to facilitate the recovery of user funds. This includes the key associated with $62,535,441.24 USD, another holding 73 WETH, and the owner key securing the remaining funds.

Related Posts

Leave a Reply

Confirm now and stay with our news

What we write about

I want to save money. Will cryptocurrency work?

Cryptocurrency is essentially virtual money that operates in a decentralized manner, not through a bank but directly on multiple independent computers.

Every cryptocurrency has two main components: the units of digital exchange called “coins” and the network within which the exchange takes place. These units can be transferred between wallets and exchanged on exchanges. The networks in which these coins exist are called blockchains, which translates to “chains of blocks.”

Latest Articles

S&P Global Ratings joins Singapore MAS’s Project Guardian
28.06.2024By
Boden Memecoin Crashes After US President Biden’s Poor Debate Performance
28.06.2024By
Steno Research Expects $15-20B Inflows into Ether Spot ETFs, Predicts $6,500 Price Target
28.06.2024By

Latest news

S&P Global Ratings joins Singapore MAS’s Project Guardian
28.06.2024
Boden Memecoin Crashes After US President Biden’s Poor Debate Performance
28.06.2024
Steno Research Expects $15-20B Inflows into Ether Spot ETFs, Predicts $6,500 Price Target
28.06.2024
Bitcoin Mining Firm CleanSpark Acquires GRIID in $155M Stock Deal
28.06.2024
Elastos Partners With BEVM to Launch Bitcoin P2P Loans, Targeting $1.3T in Dormant Value
28.06.2024
Coinbase Files Lawsuits Against SEC, FDIC Over FOIA Request
27.06.2024
UK Watchdog Boosts Crypto Division to 100 Staff Members
27.06.2024
Hong Kong Government Explores DeFi and Metaverse to Boost Fintech Dominance
27.06.2024
Spot Ether ETFs May Receive US Approval by July 4: Report
27.06.2024
Bitcoin ETFs See Inflows for Second Consecutive Day as BTC Holds Steady at $60K
27.06.2024