PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.
BlockSec: Sharwa.Finance suffered multiple attacks, resulting in losses exceeding $140,000
PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.
Market Opportunity
FINANCE Price(FINANCE)
$0.0001892
$0.0001892$0.0001892
USD
FINANCE (FINANCE) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
You May Also Like
Cashing In On University Patents Means Giving Up On Our Innovation Future
The post Cashing In On University Patents Means Giving Up On Our Innovation Future appeared on BitcoinEthereumNews.com. “It’s a raid on American innovation that would deliver pennies to the Treasury while kneecapping the very engine of our economic and medical progress,” writes Pipes. Getty Images Washington is addicted to taxing success. Now, Commerce Secretary Howard Lutnick is floating a plan to skim half the patent earnings from inventions developed at universities with federal funding. It’s being sold as a way to shore up programs like Social Security. In reality, it’s a raid on American innovation that would deliver pennies to the Treasury while kneecapping the very engine of our economic and medical progress. Yes, taxpayer dollars support early-stage research. But the real payoff comes later—in the jobs created, cures discovered, and industries launched when universities and private industry turn those discoveries into real products. By comparison, the sums at stake in patent licensing are trivial. Universities collectively earn only about $3.6 billion annually in patent income—less than the federal government spends on Social Security in a single day. Even confiscating half would barely register against a $6 trillion federal budget. And yet the damage from such a policy would be anything but trivial. The true return on taxpayer investment isn’t in licensing checks sent to Washington, but in the downstream economic activity that federally supported research unleashes. Thanks to the bipartisan Bayh-Dole Act of 1980, universities and private industry have powerful incentives to translate early-stage discoveries into real-world products. Before Bayh-Dole, the government hoarded patents from federally funded research, and fewer than 5% were ever licensed. Once universities could own and license their own inventions, innovation exploded. The result has been one of the best returns on investment in government history. Since 1996, university research has added nearly $2 trillion to U.S. industrial output, supported 6.5 million jobs, and launched more than 19,000 startups. Those companies pay…
Share
BitcoinEthereumNews2025/09/18 03:26
Trump Reviews Candidates to Succeed Fed Chair Powell
The post Trump Reviews Candidates to Succeed Fed Chair Powell appeared on BitcoinEthereumNews.com. Key Points: Trump evaluates Fed Chair candidates, considering
Share
BitcoinEthereumNews2025/12/19 08:34
Will XRP Price Increase In September 2025?
Ripple XRP is a cryptocurrency that primarily focuses on building a decentralised payments network to facilitate low-cost and cross-border transactions. It’s a native digital currency of the Ripple network, which works as a blockchain called the XRP Ledger (XRPL). It utilised a shared, distributed ledger to track account balances and transactions. What Do XRP Charts Reveal? […]
Share
Tronweekly2025/09/18 00:00