Attackers deployed malicious contract to old address of one of most popular DeFi protocols, 1inch
Veteran developer Justin Babis, CEO of Byte Mason’s Web3 Development Studio, reported that one of the older wallets of the 1-inch network (1INCH) addresses is being misused.
Old Fantom (FTM) wallet of 1inch Network under attack
Bebis has taken to Twitter to inform users that an old address on the Fantom (FTM) network that was previously used by 1inch Network (1INCH) multi-blockchain DeFi protocol, is controlled by malefactors.
The attackers deployed a malicious contract at the address 0x11111112542d85b3ef69ae05771c2dccff4faa26. Therefore, all DeFi users who interact with the contract are putting their money at risk.
Bebis asked all Fantom (FTM) users who had approved transactions with the aforementioned compromised address involved to immediately revoke them.
As of print time, addresses are labeled as “exploited” and “phished/hacked” addresses by FTMScan, a major Phantom (FTM) Network Explorer service. It is highly likely that attackers use the same vector as the recent exploits of “abusive” addresses that hit headlines in mid-September 2022.
1inch co-founder Sergej Kunz announces refund program
Back then, attackers exploited the generators of “vanity” (partially human-readable) addresses; they accessed key generation instruments and drained over $3.3 million.
Following the alert from Babis, one of the founders of 1 Inch Network, Sergej Kunz, explained that some users of the API endpoint authorize transactions on a phantom address that, in fact, only exists on the Ethereum (ETH) network (Ethereum). And Phantom contracts use the same address as 0x).
Also, Kunz stated that a refund program had been launched and he had already informed affected users. He also stated that law officers of 1inch are ready to report the attack to the police.
