You can check the website statistics yourself or request them from us at [email protected]
On this platform, only organic high-quality traffic
Bitcoin
$ 30,725

Web3 Game Munchables Loses $62.5 Million to Exploit: ZachXBT

Munchables, the web3 gaming platform, faced a major security breach resulting in a loss of $62.5 million in Ethereum, stemming from an exploit on the Blast network.

The confirmation of the exploit came from Munchables themselves via a social media post, revealing that the incident took place on March 26. “Munchables has experienced a breach,” the company announced. “We are actively monitoring transactions and working to halt any further unauthorized movements. Further updates will follow as we gather more information.”

Investigation Suggests Potential Link to Munchables Insider

According to ZachXBT, a prominent figure in the crypto investigation sphere, the individual responsible for the exploit managed to siphon off approximately 17,414 ETH, valued at $62.5 million, as reported by Blastscan.

Further delving into the matter, ZachXBT uncovered a potential link between the exploit and a Munchables employee, given that four developers had recently been recruited by the company.

“Four developers, all linked to the exploiter, were hired by the Munchables team, and there’s a strong likelihood they are the same individual, given their mutual recommendations for the job,” ZachXBT revealed.

Moreover, the suspect was found to have consistently transferred payments to the same two exchange deposit addresses and had been funding each other’s wallets. ZachXBT took the initiative to disclose the GitHub usernames associated with the alleged exploiter, cautioning the community about the situation.

Exploit Rooted in Upgrade Manipulation

Solidity developer 0xQuit disclosed in a post that the Munchables exploit was premeditated, pointing out that a developer had made modifications to the Lock contract just before the game’s launch. This particular contract was intended to secure tokens for a specified duration.

“The Munchables exploit was planned from the moment of deployment,” 0xQuit asserted, underscoring the platform’s vulnerability due to being a “dangerously upgradeable proxy.” The exploiter took advantage of this upgradability to allocate themselves 1 million ETH, allowing them to withdraw the deposit.

“From an outsider’s perspective, the contract would appear normal if they were unaware of the original implementation,” 0xQuit elaborated. Even if the developer had transferred ownership back to the team, the damage had already been inflicted, discouraging further reliance on such upgradeable features.

In response to the catastrophic incident, the Munchables team has pledged to provide all pertinent private keys to facilitate the recovery of user funds. This includes the key associated with $62,535,441.24 USD, another holding 73 WETH, and the owner key securing the remaining funds.

Related Posts

Leave a Reply

Confirm now and stay with our news

What we write about

I want to save money. Will cryptocurrency work?

Cryptocurrency is essentially virtual money that operates in a decentralized manner, not through a bank but directly on multiple independent computers.

Every cryptocurrency has two main components: the units of digital exchange called “coins” and the network within which the exchange takes place. These units can be transferred between wallets and exchanged on exchanges. The networks in which these coins exist are called blockchains, which translates to “chains of blocks.”

Latest Articles

Indonesian President Cautions Against Crypto in Money Laundering Risks
24.04.2024By
Coinbase Set to Launch $15 million Ad Campaign During NBA Playoffs: Report
24.04.2024By
Pharrell Williams And Louis Vuitton Launch NFT-Linked Jacket To VIA Holders
24.04.2024By

Latest news

Indonesian President Cautions Against Crypto in Money Laundering Risks
24.04.2024
Coinbase Set to Launch $15 million Ad Campaign During NBA Playoffs: Report
24.04.2024
Pharrell Williams And Louis Vuitton Launch NFT-Linked Jacket To VIA Holders
24.04.2024
SEC Delays Decision on Franklin Templeton’s Spot Ethereum ETF Application
24.04.2024
Hackers Expose Code Of El Salvador’s Bitcoin Wallet App Chivo
24.04.2024
Jack Dorsey’s Block Expands Bitcoin Mining Ambitions, Develops 3nm Mining Chip
24.04.2024
South Africa’s FSCA Confirms Licenses to 75 Crypto Service Providers
23.04.2024
Binance Lawsuit in Canada Following Securities Law Violation Allegations
23.04.2024
Velvet Capital, Backed by Binance Labs, Temporarily Offline Due to Phishing Attack Risk
23.04.2024
Square Enix Is Developing Its Ethereum NFT Game Symbiogenesis With Animoca Brands
23.04.2024