New pages
Jump to navigation
Jump to search
- 17:09, 10 October 2025 SwissBorg Signs Exploit Transaction From Kiln Finance Breach (hist | edit) [20,696 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/swissborgsignsexploittransactionfromkilnfinancebreach.php}} {{Unattributed Sources}} thumb|SwissBorg Logo/HomepageAn attacker compromised a GitHub access token from Kiln Finance, using it to manipulate the infrastructure and insert a malicious transaction in Kiln's Solana staking API. This altered the withdrawal authority of Solana stakes, which was unknowingly ap...")
- 17:08, 10 October 2025 Bunni Rounding Vulnerability Enables Complex Flashloan Attack (hist | edit) [16,430 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bunniroundingvulnerabilityenablescomplexflashloanattack.php}} {{Unattributed Sources}} thumb|Bunni Logo/HomepageBunni, a decentralized exchange built on Uniswap v4 with innovative liquidity management features, suffered an $8.4 million exploit due to a subtle rounding bug in its withdrawal logic that went undetected despite extensive testing. The attacker used flas...")
- 17:07, 10 October 2025 Aifeex AIF Token Smart Contract Rewards Mechanism Exploited (hist | edit) [8,080 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/aifeexaiftokensmartcontractrewardsmechanismexploited.php}} {{Unattributed Sources}} thumb|Aifeex Logo/HomepageThe AIF token, developed by Aifeex Bank, was designed to combine AI and blockchain for decentralized, automated asset management. Despite its advanced features—such as AI-driven trading, transparent smart contracts, and DAO governance—the project faced a...")
- 17:05, 10 October 2025 YULI AI Token Contract Pool Spot Price Manipulation Exploit (hist | edit) [4,364 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/yuliaitokencontractpoolspotpricemanipulationexploit.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe YULI AI smart contract, launched on July 22, 2025, was exploited due to a vulnerability that allowed a price manipulation attack. According to TenArmor, the attacker manipulated the YULIAI/USDT V3 pool’s spot price to repeatedly sell YULIAI to...")
- 17:05, 10 October 2025 HyperDrive Router Set As Operator State Changes Triggered (hist | edit) [16,093 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/hyperdriveroutersetasoperatorstatechangestriggered.php}} {{Unattributed Sources}} thumb|HyperDrive Logo/HomepageHyperDrive, a core stablecoin money market within the Hyperliquid ecosystem, was compromised due to a vulnerability in its contract design. The issue arose from users granting the Router unrestricted operator permissions, allowing attackers to execute a...")
- 17:04, 10 October 2025 HyperVault Founder Nick Olsson Internal Ledger Rug Pull (hist | edit) [14,265 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/hypervaultfoundernickolssoninternalledgerrugpull.php}} {{Unattributed Sources}} thumb|HyperVault Logo/Captured Homepage<ref name="odailynews-21267" /><ref name="peckshieldalerttweet-21268" /><ref name="unknown-5676" /><ref name="hypingbulltweet-21269" /><ref name="hypervaultdevnick-21270" /><ref name="jishkk110118twitter-21271" /><ref name="matiasgladiatortwitter...")
- 16:52, 10 October 2025 Corepound AI Yield Aggregator on Core Blockchain Rug Pull (hist | edit) [8,756 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/corepoundaiyieldaggregatoroncoreblockchainrugpull.php}} {{Unattributed Sources}} thumb|CorepoundCorepound, a yield aggregator built on the Core blockchain, claimed to optimize returns for cryptocurrency holders through AI-driven strategies, smart contract-powered vaults, and features like CoreChest and incentivized multipliers. Users were promised above-average AP...")
- 16:51, 10 October 2025 Seedify Fund Private Key OFT Contract Compromised Minting (hist | edit) [12,369 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/seedifyfundprivatekeyoftcontractcompromisedminting.php}} {{Unattributed Sources}} thumb|Seedify Logo/HomepageSeedify.Fund, a Web3 incubator and launchpad, suffered a security breach after a developer was tricked into running malware, likely by a North Korean actor, compromising critical private keys and causing a $1.7 million loss. In response, Seedify launched...")
- 16:50, 10 October 2025 UXLINK MultiSig Wallet Single Owner Vulnerability Exploited (hist | edit) [9,682 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/uxlinkmultisigwalletsingleownervulnerabilityexploited.php}} {{Unattributed Sources}} thumb|UXLINK Logo/HomepageUXLINK, a Web3 social platform designed to connect users, projects, and communities, was recently impacted by a significant security breach involving its multi-signature wallet. A critical flaw in the wallet’s design allowed a single owner to take full c...")
- 16:49, 10 October 2025 Unknown Base Smart Contract Wrapped Ethereum Attack Theft (hist | edit) [4,563 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/unknownbasesmartcontractwrappedethereumattacktheft.php}} {{Unattributed Sources}} thumb|Base Blockchain Logo/HomepageAn unknown and unverified smart contract was exploited due to a vulnerability. The incident resulted in a loss of approximately $21,000–$22,000, as reported by BlockSec Phalcon and TenArmor. Despite both parties acknowledging the incident, no...")
- 16:48, 10 October 2025 Yala Protocol Dormant OFTU Unauthorized Mint And Bridge (hist | edit) [10,796 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/yalaprotocoldormantoftuunauthorizedmintandbridge.php}} {{Unattributed Sources}} thumb|Yala Logo/HomepageYala, a platform that allows users to collateralize Bitcoin for its stablecoin $YU, experienced a security breach when a developer exploited temporary deployment keys to set up an unauthorized cross-chain bridge. This hack led to the extraction of approximately 7....")
- 16:47, 10 October 2025 Nemo Protocol Unaudited Deployment Public Flash Loan Attack (hist | edit) [17,842 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/nemoprotocolunauditeddeploymentpublicflashloanattack.php}} {{Unattributed Sources}} thumb|Nemo Protocol Logo/HomepageThe Nemo Protocol, a decentralized finance platform, was exploited after a developer released unaudited code containing vulnerabilities, including a public flash_loan function and a misconfigured query function, leading to a $2.6 million loss. Th...")
- 16:45, 10 October 2025 Unverified Contract uniswapV3Callback Lacking Access Control (hist | edit) [5,569 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/unverifiedcontractuniswapv3callbacklackingaccesscontrol.php}} {{Unattributed Sources}} thumb|Base Blockchain Logo/HomepageOn August 28th, 2025, an unverified smart contract was deployed on the Base blockchain containing a critical vulnerability: the uniswapV3SwapCallback function lacked proper access control. This allowed an attacker to exploit the contract u...")
- 11:00, 23 September 2025 DX3 AI Bot Exchange Function Price Manipulation Vulnerability (hist | edit) [7,259 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/dx3aibotexchangefunctionpricemanipulationvulnerability.php}} {{Unattributed Sources}} thumb|D3X AI Bot Logo/HomepageD3XAI is a Binance Smart Chain-based project that promoted itself as an AI-driven decentralized trading platform, promising advanced market analysis, automated strategies, and a decentralized user-controlled ecosystem. Central to its offering was the...")
- 15:43, 27 August 2025 Equilibria Finance Reward Mechanism stk-ePendle Balance Hack (hist | edit) [9,015 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/equilibriafinancerewardmechanismstkependlebalancehack.php}} {{Unattributed Sources}} thumb|Equilibria FinanceEquilibria Finance, a DeFi platform built around the Pendle Finance ecosystem, experienced an exploit in its Ethereum auto-compounder due to a misconfigured contract that allowed reward farming through repeated transfers. The attacker drained approx...")
- 15:43, 27 August 2025 ShibaSwap Treasure Finder Convert() EOA Restriction Bypass (hist | edit) [8,325 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/shibaswaptreasurefinderconverteoarestrictionbypass.php}} {{Unattributed Sources}} thumb|ShibaSwap Logo/HomepageA vulnerability in the ShibaSwap: Treasure Finder smart contract led to an exploit resulting in an estimated $27,000 loss. The issue stemmed from the convert() function lacking slippage protection during LEASH-to-WETH swaps, making it vulnerable to sandwi...")
- 15:42, 27 August 2025 BNB Token Drain After Granting Multicall3 Contract Approval (hist | edit) [6,153 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bnbtokendrainaftergrantingmulticall3contractapproval.php}} {{Unattributed Sources}} thumb|Binance Security ImageA user or contract mistakenly approved token spending rights to the Multicall3 contract, a generic batching utility with no internal access controls, allowing an attacker to exploit that approval and drain approximately 41 BNB (around $36,000) by forwardi...")
- 15:42, 27 August 2025 Coinbase MainnetSettler Approve Bug Hold Token Theft 2 (hist | edit) [6,322 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/coinbasemainnetsettlerapprovebugholdtokentheft2.php}} {{Unattributed Sources}} thumb|Coinbase Building/LogoCoinbase, a major cryptocurrency platform known for its security and broad user base, had a second repeat of a previous vulnerability in their Mainnet Settler smart contract, which led to an exploit. A wallet which has approved permissions on this contract all...")
- 15:41, 27 August 2025 GrizziFi milestoneReward Mechanism collectRefBonus Exploit (hist | edit) [10,487 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/grizzifimilestonerewardmechanismcollectrefbonusexploit.php}} {{Unattributed Sources}} thumb|Grizzifi Demo Site Logo/HomepageGrizziFi was a decentralized finance (DeFi) platform launched on the Binance Smart Chain on August 12, 2025, offering BNB staking with attractive fixed returns and a 17-level passive income system. While it promoted itself as a secure, comm...")
- 15:41, 27 August 2025 WXC Token Smart Contract Token Burn Mechanism Triggered (hist | edit) [4,333 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/wxctokensmartcontracttokenburnmechanismtriggered.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe WXC smart contract was launched on the Binance Smart Chain. Shortly after, a vulnerability in its token burn mechanism—specifically triggered when selling tokens to the pair—was exploited by an attacker. As a result, approximately $30.9k was st...")
- 15:41, 27 August 2025 Ethereum ZeroTransfer Address Pollution Phishing Twice (hist | edit) [7,806 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/ethereumzerotransferaddresspollutionphishingtwice.php}} {{Unattributed Sources}} thumb|Ethereum Address PoisoningAn Ethereum address fell victim to an address pollution phishing attack. The attacker created a similar-looking wallet address to impersonate the intended recipient’s address. Due to the visual similarity, the victim mistakenly sent fun...")
- 15:40, 27 August 2025 YDT Yellow Duck Token proxyTransfer Backdoor Exploited (hist | edit) [4,313 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/ydtyellowducktokenproxytransferbackdoorexploited.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe Yellow Duck Token (YDT), launched on May 24th, suffered a \$41.4k loss due to a vulnerability—or possible backdoor—in its `proxyTransfer()` function, which allowed an attacker to transfer tokens from any address using a privileged account; the...")
- 15:40, 27 August 2025 DAOSquare Treasury RICE Exploit Theft New Token Recovery (hist | edit) [9,341 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/daosquaretreasuryriceexploittheftnewtokenrecovery.php}} {{Unattributed Sources}} thumb|DAOSquare Logo/HomepageDAOSquare, a decentralized platform for launching and investing in Venture DAOs, suffered a security breach due to improper access controls in its smart contracts, allowing an attacker to withdraw RICE tokens without restriction. The exploit led to losses...")
- 15:40, 27 August 2025 IRYS AI Programmable Blockchain Revolution Backdoor Rug Pull (hist | edit) [9,070 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/irysaiprogrammableblockchainrevolutionbackdoorrugpull.php}} {{Unattributed Sources}} thumb|IRYS AI Logo/HomepageIRYS AI was promoted as a groundbreaking blockchain platform enabling programmable, on-chain data interaction for smart contracts and AI agents. It introduced a multi-ledger architecture, the IrysVM execution layer, and a hybrid consensus model, positioning...")
- 15:38, 27 August 2025 MapleStory Universe NXPC PancakeSwap Arbitrage Opportunity (hist | edit) [10,751 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/maplestoryuniversenxpcpancakeswaparbitrageopportunity.php}} {{Unattributed Sources}} thumb|MapleStory Universe Logo/Homepage<ref name="tenarmortweet-20846" /><ref name="bscscantransaction-20847" /><ref name="soong1911tweet-20848" /><ref name="qashnfttweet-20849" /><ref name="nxpccontract-20850" /><ref name="nxpccreation-20851" /><ref name="nxpccoinmarketca...")
- 15:38, 27 August 2025 AIBlockmind Block DevManage Set Using Official Private Key (hist | edit) [6,747 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/aiblockmindblockdevmanagesetusingofficialprivatekey.php}} {{Unattributed Sources}} thumb|Binance Security ImageAiBlockmind, a smart contract deployed on March 5, 2025, was heavily promoted starting mid-February but ultimately suffered a breach or was malicious by design. A wallet with "DevManage" permissions minted additional Block tokens, which were sold fo...")
- 15:37, 27 August 2025 X3 Unverified BSC Smart Contract Suspicious Attack Transaction (hist | edit) [3,594 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/x3unverifiedbscsmartcontractsuspiciousattacktransaction.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe X3 unverified smart contract, created on May 7th, was found to have a vulnerability that led to a reported loss of $131.4K USD, according to blockchain security firm TenArmor. No technical analysis of the exploit has been conducted, and asid...")
- 15:37, 27 August 2025 Term Finance tETH Decimal Precision Mismatch Liquidations (hist | edit) [11,967 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/termfinancetethdecimalprecisionmismatchliquidations.php}} {{Unattributed Sources}} thumb|Term Finance Logo/HomepageTerm Finance, a decentralized lending platform offering fixed-rate crypto loans via on-chain auctions, experienced an incident caused by an internal human error during an update to the tETH price oracle. Specifically, a decimal precision mismatch be...")
- 15:37, 27 August 2025 Zora BaseSettler BaseSettlerMetaTxn Mistakenly Claimable (hist | edit) [6,627 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/zorabasesettlerbasesettlermetatxnmistakenlyclaimable.php}} {{Unattributed Sources}} thumb|Zora Network Logo/HomepageZora, an onchain social network aimed at empowering creators through decentralized tools and the $ZORA token, suffered a smart contract vulnerability due to human error. The team mistakenly set claimable tokens for contracts that could execute arbi...")
- 15:36, 27 August 2025 BTNFT Contract BTT Rewards Not Validating NFT Ownership (hist | edit) [5,515 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/btnftcontractbttrewardsnotvalidatingnftownership.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe BTNFT smart contract was deployed, though its connection to BitTorrent remains uncertain. A vulnerability in the contract's logic allowed anyone to exploit the reward mechanism by transferring BTNFT tokens to the contract without needing to prove N...")
- 15:36, 27 August 2025 Sola Unverified Contract withdrawToken Lacking Access Control (hist | edit) [6,461 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/solaunverifiedcontractwithdrawtokenlackingaccesscontrol.php}} {{Unattributed Sources}} thumb|Binance Security ImageAn unverified smart contract at address 0x623c—possibly linked to the Sola Token—was exploited due to a critical lack of access control on its withdrawToken() function, allowing anyone to transfer tokens from it. The attacker used a maliciou...")
- 15:36, 27 August 2025 Unknown Contract uniswapV3SwapCallback Lacks Access Control (hist | edit) [4,371 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/unknowncontractuniswapv3swapcallbacklacksaccesscontrol.php}} {{Unattributed Sources}} thumb|Base Blockchain Logo/HomepageA base blockchain wallet was exploited due to a vulnerability in its smart contract, specifically a lack of access control on the uniswapV3SwapCallback() function. This flaw allowed attackers to easily exploit the contract, resulting in an...")
- 15:35, 27 August 2025 Morpho Labs Bundler3 Misconfiguration Drains User Wallet (hist | edit) [10,857 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/morpholabsbundler3misconfigurationdrainsuserwallet.php}} {{Unattributed Sources}} thumb|Morpho Labs Logo/HomepageMorpho experienced a front-end incident caused by a misconfigured SDK update during the transition from Bundler2 to Bundler3, which mistakenly directed token approvals to the Bundler3 contract rather than its adapters. This oversight left a bundled tra...")
- 15:35, 27 August 2025 Poofknuckle Ancient Ethereum Mixing Test Contract Exploited (hist | edit) [8,158 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/poofknuckleancientethereummixingtestcontractexploited.php}} {{Unattributed Sources}} thumb|Ethereum FoundationLaundromat, a decentralized Ethereum mixer developed by BitBoost, aimed to provide transaction privacy by allowing users to mix ETH in sessions via smart contracts and ring signatures. Though initially well-received as an experimental privacy tool...")
- 15:34, 27 August 2025 Mochi DeFi Contract Multiple Transactions Suspicious Attack (hist | edit) [6,313 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/mochideficontractmultipletransactionssuspiciousattack.php}} {{Unattributed Sources}} thumb|Mochi DeFi Logo/HomepageMochiFi, a DeFi platform that enabled users to use digital assets and NFTs as collateral to borrow its native stablecoin USDM, suffered a security breach due to a vulnerability in its smart contract. This led to a suspicious transaction resulting in a...")
- 15:34, 27 August 2025 AIRWA Access Control Public Burn Rate Function Exploited (hist | edit) [7,105 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/airwaaccesscontrolpublicburnratefunctionexploited.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe $AIRWA token on Binance Smart Chain was exploited due to a critical vulnerability in its smart contract. Launched just a day earlier, the contract lacked access control on its setBurnRate() function, allowing anyone to change the token’s burn ra...")
- 15:34, 27 August 2025 Alkimiya SilicaPools uint128 Truncation Unsafe Downcasting (hist | edit) [10,065 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/alkimiyasilicapoolsuint128truncationunsafedowncasting.php}} {{Unattributed Sources}} thumb|AlkimiyaAlkimiya, a protocol for trading on real blockchain and macroeconomic metrics, was recently targeted in a sophisticated exploit due to an unsafe type cast (from uint256 to uint128) in its SilicaPools contract. The attacker used a flash loan to exploit this truncation...")
- 15:31, 27 August 2025 Coinbase MainnetSettler Approval Issue Hold Token Theft 1 (hist | edit) [6,302 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/coinbasemainnetsettlerapprovalissueholdtokentheft1.php}} {{Unattributed Sources}} thumb|Coinbase Building/LogoCoinbase, a major cryptocurrency platform known for its security and broad user base, had a vulnerability in their Mainnet Settler smart contract, which led to an exploit. A wallet which has approved permissions on this contract allowed an attacker to execu...")
- 15:31, 27 August 2025 HMS HMagician Smart Contract Burn Mechanism Exploited (hist | edit) [3,813 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/hmshmagiciansmartcontractburnmechanismexploited.php}} {{Unattributed Sources}} thumb|Binance Security ImageA recently deployed HMS (short for HMagician) smart contract contained a vulnerability in its burn mechanism. This flaw was exploited, leading to an estimated loss of approximately $94.6K, according to a report by TenArmor. The project does not appear t...")
- 14:38, 27 August 2025 ABCCApp USDT Overclaim addFixedDay Access Control Missing (hist | edit) [4,718 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/abccappusdtoverclaimaddfixeddayaccesscontrolmissing.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe ABCCApp smart contract on Binance Smart Chain allowed users to claim daily stablecoin rewards but contained a critical vulnerability due to a missing access control on the addFixedDay function. This function was essential in calculating claimabl...")
- 14:38, 27 August 2025 Missing Access Control in uniswapV3SwapCallback Function (hist | edit) [10,071 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/missingaccesscontrolinuniswapv3swapcallbackfunction.php}} {{Unattributed Sources}} thumb|Analysis Of Malicious TransactionA recent exploit on the Base chain targeted a smart contract at address 0x8d2e, resulting in a $40,000 loss in USDC due to improper access control on the uniswapV3SwapCallback function. This function is a core part of Uniswap V...")
- 14:37, 27 August 2025 ImToken Third Party Selling Pre-Initialized Secure Cold Wallet (hist | edit) [8,400 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/imtokenthirdpartysellingpreinitializedsecurecoldwallet.php}} {{Unattributed Sources}} thumb|imToken Logo/Homepage, Screenshots Of SellerimToken is a popular non-custodial digital wallet used by over 20 million people across 150+ countries, offering secure access to a wide range of blockchain networks including Bitcoin, Ethereum, and TRON. A victim lost 4.35 BTC...")
- 14:36, 27 August 2025 LotteryTicket50 Smart Contract Nalakuvara Tokens Frained (hist | edit) [6,838 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/lotteryticket50smartcontractnalakuvaratokensfrained.php}} {{Unattributed Sources}} thumb|Base Blockchain Logo/HomepageA critical vulnerability in the `LotteryTicketSwap50` contract was exploited due to flawed logic in how it calculated ticket value and handled liquidity. Specifically, the contract used fixed ticket valuations and lacked slippage protection, a...")
- 14:36, 27 August 2025 YB Token Sandwich Attack Due To No Slippage Protection (hist | edit) [5,358 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/ybtokensandwichattackduetonoslippageprotection.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe YB token smart contract, launched on May 18th, 2024, had a vulnerability in its _tokenTransfer function, which automatically triggers a bot to perform token swaps without proper slippage protection. This flaw allowed attackers to manipulate token pri...")
- 14:36, 27 August 2025 LibertyCoin LibertyLife LibertyUseCase Price Manipulation Attack (hist | edit) [15,276 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/libertycoinlibertylifelibertyusecasepricemanipulationattack.php}} {{Unattributed Sources}} thumb|Liberty Coin/Liberty Life Logo/HomepageLiberty Life, a DeFi project built around Liberty Coin (LBTC) on Binance Smart Chain, recently suffered a major exploit due to a flaw in its new smart contract. The vulnerability stemmed from relying on PancakeSwap’s spot pric...")
- 14:35, 27 August 2025 OPC Token Flawed Sell Burn Mechanism Price Logic Exploited (hist | edit) [8,213 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/opctokenflawedsellburnmechanismpricelogicexploited.php}} {{Unattributed Sources}} thumb|Binance Security ImageThe OPC smart contract on Binance Smart Chain contained a critical flaw in its sell function that caused the token’s price to rise instead of fall during sales. This backwards logic stemmed from burning OPC tokens directly from the liquidity pool e...")
- 14:06, 1 August 2025 MOne Meta Pro App Allows Anyone To Unwrap Their ETH (hist | edit) [6,811 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/monemetaproappallowsanyonetounwraptheireth.php}} {{Unattributed Sources}} thumb|MOne Meta Pro App Logo/HomepagemOne, a superapp combining payments, entertainment, and identity management, suffered a security breach due to a vulnerability in its base blockchain infrastructure. Specifically, the `unwrapWETH()` function in the `MPRODoubleRewardAutoStake` contrac...")
- 16:54, 31 July 2025 VDS V-Dimension BEP20 Smart Contract Business Logic Flaw (hist | edit) [9,532 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/vdsvdimensionbep20smartcontractbusinesslogicflaw.php}} {{Unattributed Sources}} thumb|Binance Security ImageA smart contract at address 0x6ce69d7146dbaae18c11c36d8d94428623b29d5a, associated with a token named "BEP-20: V-Dimension (VDS)," was exploited due to a vulnerability. An attacker manipulated the contract to over-mint and over-redeem synthetic tokens...")
- 16:53, 31 July 2025 TokenVault Old Smart Contract Exploited Similarly To Bankroll (hist | edit) [4,874 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/tokenvaultoldsmartcontractexploitedsimilarlytobankroll.php}} {{Unattributed Sources}} thumb|Binance Security ImageA 2021 smart contract named TokenVault, created by "donfunction.bnb" was deployed with a critical vulnerability. Similar to the Bankroll exploit, this flaw allowed attackers to drain funds from users who had granted the contract unlimited token p...")
- 16:53, 31 July 2025 KRC Smart Contract Deflationary Mechanism Burn Exploit (hist | edit) [5,610 bytes] Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/krcsmartcontractdeflationarymechanismburnexploit.php}} {{Unattributed Sources}} thumb|Binance Security ImageAn attacker exploited a vulnerability in the KRC smart contract on Binance Smart Chain by bypassing `transfer()` restrictions to burn tokens from the liquidity pair during sell swaps, ultimately profiting $37.1k in USDT through a deflationary mechanism...")
