PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.
BlockSec: Sharwa.Finance suffered multiple attacks, resulting in losses exceeding $140,000
PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.
Market Opportunity
The Root Network Price(ROOT)
$0.000137
$0.000137$0.000137
USD
The Root Network (ROOT) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
You May Also Like
Finary Secures €25M Funding to Enhance Crypto Integration
The post Finary Secures €25M Funding to Enhance Crypto Integration appeared on BitcoinEthereumNews.com. Key Points: Finary’s €25M Series B funding led by PayPal Ventures boosts crypto offerings. Further integrates BTC, ETH, and altcoins into its platform. 600,000 users benefit from expanded financial tools and AI features. Finary, a Paris-based fintech startup, secured €25 million in Series B funding, led by PayPal Ventures, incorporating cryptocurrency investment capabilities into their wealth management services. This funding enables Finary to expand European operations, enhance their crypto portfolio, and leverage AI tools in wealth management, potentially increasing crypto market involvement. Finary Secures €25M for Enhanced Crypto Adoption in Europe Finary’s completion of a €25 million Series B funding round marks significant progress in its financial journey, bolstered by strategic investment from PayPal Ventures and others. The startup’s founders, Mounir Laggoune and Julien Blancher, lead efforts in providing more inclusive wealth management services, notably through enhanced digital asset integrations. This funding initiative indicates a strong commitment towards improving crypto investment options, paving the way for broader financial access and inclusion for users across Europe. The implications of this funding advance Finary’s capability to grow its operations and enhance AI-driven wealth management tools, including the integration of crypto investments like BTC, ETH, and select altcoins. This initiative aims to expand the financial tools available to its user base, now growing beyond 600,000. By offering broader access to top cryptocurrency assets, Finary enhances both retail and private wealth management portfolios. Market responses from experts acknowledge PayPal Ventures’ strategic interest in the fintech-crypto convergence. Quotes from Ian, partner at PayPal Ventures, emphasize their dedication to financial wellness as “PayPal sits at a powerful inflection point.” This underlines the market’s view that Finary’s funding round potentiates substantial growth in the adoption and usage of cryptocurrencies across wealth management platforms. Crypto Tools Poised for Growth Amidst Strong Market Support Did you know? PayPal’s 2020…
Share
BitcoinEthereumNews2025/09/21 18:12
Stronger Euro seen as disinflationary but manageable – Nomura
The post Stronger Euro seen as disinflationary but manageable – Nomura appeared on BitcoinEthereumNews.com. Nomura analysts note EUR/USD’s move above 1.20 and subsequent
Share
BitcoinEthereumNews2026/02/11 16:44
Crypto Fear & Greed Index Plunges To 45, What It Means For You
The post Crypto Fear & Greed Index Plunges To 45, What It Means For You appeared on BitcoinEthereumNews.com. Urgent Alert: Crypto Fear & Greed Index Plunges To 45, What It Means For You Skip to content Home Crypto News Urgent Alert: Crypto Fear & Greed Index Plunges to 45, What It Means For You Source: https://bitcoinworld.co.in/crypto-fear-greed-index-plunges-2/
Share
BitcoinEthereumNews2025/09/22 08:26