
Nemo Protocol Explains $2.6 Million Exploit Caused by Code Vulnerabilities

2025/09/11 18:05

TLDR

  • Nemo Protocol’s $2.6 million exploit stemmed from unaudited code and developer errors.
  • The vulnerabilities were introduced in January and led to unauthorized access and fund theft.
  • Nemo has paused operations, patched the issues, and is working on compensating affected users.
  • The attack exploited a flash loan function and query flaw, draining assets from liquidity pools.

Nemo Protocol, a DeFi platform built on the Sui blockchain, has outlined the causes of its $2.6 million exploit earlier this month. The platform revealed in a post-mortem report that the attack was due to two vulnerabilities introduced into its code by a developer and deployed without proper auditing. The breach, which occurred on September 7, exploited flaws that allowed unauthorized access and manipulation of its smart contract.

Vulnerabilities in the Codebase

The Nemo team explained that the exploit stemmed from two primary issues within the code. First, an internal flash loan function was accidentally exposed to the public. Second, a flaw in a query function enabled unauthorized state changes within the contract. These vulnerabilities were introduced in January 2023, after the protocol received an initial audit report from blockchain security firm MoveBit. Despite the warnings, one of Nemo’s developers incorporated new, unaudited features into the codebase and deployed them to the mainnet.
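Both flaw classes described above, an internal function that becomes externally callable and a query function that can change state, can be checked for before deployment. The Python lint below is an added example, not Nemo's code or tooling: it compares a Sui Move module's externally callable functions against an audited allowlist and flags read-only-named functions that take a `&mut` reference. The module, function names, name prefixes and allowlist are constructed assumptions.

```python
import re

# Sui Move function declaration: optional visibility, optional `entry`, name, params.
FUN_RE = re.compile(
    r"^\s*(?P<vis>public(?:\s*\(\s*(?:package|friend)\s*\))?\s+)?"
    r"(?P<entry>entry\s+)?fun\s+(?P<name>\w+)\s*(?:<[^>]*>)?\s*\((?P<params>[^)]*)\)",
    re.MULTILINE,
)
# Assumption: naming convention for functions reviewers expect to be read-only.
READ_ONLY_PREFIXES = ("get_", "query_", "view_", "is_", "preview_")

def external_surface(source):
    """Map each function callable from outside the package to its parameter list."""
    surface = {}
    for m in FUN_RE.finditer(source):
        vis = (m.group("vis") or "").strip()
        # `public` and `entry` functions are reachable from outside the package;
        # `public(package)` and private functions are not.
        if vis == "public" or m.group("entry"):
            surface[m.group("name")] = m.group("params")
    return surface

def review(source, audited):
    """Return (function, reason) findings that should block a deploy."""
    findings = []
    for name, params in external_surface(source).items():
        if name not in audited:
            findings.append((name, "externally callable but not in audited surface"))
        if name.startswith(READ_ONLY_PREFIXES) and "&mut" in params:
            findings.append((name, "read-only name takes a &mut reference"))
    return findings

# Constructed sample (hypothetical module and names, not Nemo's code).
SAMPLE = """
module demo::market {
    public fun swap(pool: &mut Pool, amount: u64): u64 { amount }
    public fun flash_borrow(pool: &mut Pool, amount: u64): Receipt { abort 0 }
    public fun get_rate(pool: &mut Pool): u64 { 0 }
    public(package) fun settle(pool: &mut Pool, r: Receipt) { abort 0 }
    fun rebalance(pool: &mut Pool) {}
}
"""
AUDITED = {"swap", "get_rate"}  # public functions listed in the last audit (assumed)

if __name__ == "__main__":
    for name, reason in review(SAMPLE, AUDITED):
        print(f"BLOCK {name}: {reason}")
```

Run as a required CI step on the upgrade path, a non-empty result stops a build whose public surface has drifted from what was audited.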

Notably, the governance structure of the protocol relied on a single-signature address for upgrades, which allowed the unvetted code to be deployed. The team acknowledged that this system failed to prevent risky updates from being introduced. Furthermore, despite a security warning from Asymptotic in August regarding a separate vulnerability, the team did not take immediate action to address the issue.

Exploit Mechanics and Fund Movement

The attacker exploited the combination of the flash loan function and the query function vulnerability to manipulate the contract’s internal state. This enabled the unauthorized draining of assets from the SY/PT liquidity pool. The stolen funds were moved from the Sui network to Ethereum via the Wormhole CCTP bridge. As of now, the majority of the stolen assets remain in a single address.

In response to the breach, Nemo Protocol has paused its core functions to prevent further damage. The team has already patched the vulnerabilities and submitted the updated code for an emergency audit. They are working closely with security teams on the Sui blockchain to trace the stolen funds. Furthermore, the team is planning to compensate affected users.

Acknowledging the Failures

Despite multiple audits and safety measures, Nemo acknowledged that it had relied too heavily on past assurances without maintaining rigorous scrutiny at every step. The report stated that the team’s failure to catch these vulnerabilities during the development phase contributed to the exploit.

Nemo Protocol, a yield infrastructure platform, focuses on yield tokenization and aims to improve DeFi interactions. This breach has raised concerns about the platform’s code integrity, but the team is taking steps to address the issues and prevent future attacks.

The post Nemo Protocol Explains $2.6 Million Exploit Caused by Code Vulnerabilities appeared first on CoinCentral.
