Attackers deployed malicious contracts to the old address of Defi protocols 1inch

Justin Bebis, CEO of Byte Masons Web3 development firm, stated that one of the old wallets of 1inch Network (1INCH) addresses is being misused by criminals.

Old 1inch Address Used by Malefactors’ Contract

Bebis has turned to Twitter to notify users that malefactors hold an outdated address on the Fantom (FTM) network that was formerly used by the 1inch Network (1INCH) multi-blockchain Defi protocol.

The attackers deployed a malicious contract to the address 0x11111112542d85b3ef69ae05771c2dccff4faa26. All Defi users who interacted with the contract put their money at risk. Bebis asked all Fantom (FTM) users who had approved transactions with the aforementioned compromised address to revoke them immediately.

As of printing time, the address is labeled as an “Exploit” and “Phish/Hack” address by a major Fantom (FTM) network explorer service FTMScan. The attackers likely use the same vector as the recent exploit of “Profanity” addresses that made headlines in mid-September 2022.

At the time, attackers targeted “vanity” (partially human-readable) address generators, gaining access to key-generating devices and draining approximately $3.3 million. Following Bebis’ warning, one of the 1inch Network’s creators, Sergej Kunz, said that certain API endpoint users approved transactions to a Fantom address that, in reality, only existed on the Ethereum network.

Also, Kunz stated that a refund program had been launched, and he had already informed affected users. He also stated that law officers of 1inch are ready to report the attack to the police.

Read more:

Join us on Telegram

Follow us on Twitter

Follow us on Facebook

You might also like