PANews reported on January 26 that, according to BlockSec Phalcon monitoring, a series of suspicious transactions targeting victim contracts deployed on EthereumPANews reported on January 26 that, according to BlockSec Phalcon monitoring, a series of suspicious transactions targeting victim contracts deployed on Ethereum

BlockSec: Two blockchain developers attacked; contract vulnerability causes $17 million in losses.

Author: PANews

Source: PANews

2026/01/26 10:48

PANews reported on January 26 that, according to BlockSec Phalcon monitoring, a series of suspicious transactions targeting victim contracts deployed on Ethereum, Arbitrum, Base, and BSC were discovered several hours ago. These transactions, originating from contracts deployed by two creators, resulted in an attack and total losses exceeding $17 million. The victim contracts were not open source and appeared to contain an arbitrary call vulnerability. The attackers abused existing token authorization to execute transferFrom operations to steal assets.

Affected deployers:

0xbeef63AE5a2102506e8a352a5bB32aA8B30B3112 — Loss of approximately $3.67 million;
0x9cb8d9BaE84830b7F5F11ee5048c04a80b8514BA — Loss of approximately $13.41 million.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.