07-26-2023, 09:07 AM
Era Lend on zkSync exploited for $3.4M in reentrancy attack
<p style="float:right; margin:0 0 10px 15px; width:240px;"><img src="https://images.cointelegraph.com/cdn-cgi/image/format=auto,onerror=redirect,quality=90,width=840/https://s3.cointelegraph.com/uploads/2023-07/72e2d3e9-6638-4255-bec0-98eedf0e23f1.jpg"></p><p>The lending app was drained of funds using a “read-only reentrancy” bug, a type of vulnerability that is often difficult for auditors to spot.</p>
https://cointelegraph.com/news/era-lend-...ncy-attack
<p style="float:right; margin:0 0 10px 15px; width:240px;"><img src="https://images.cointelegraph.com/cdn-cgi/image/format=auto,onerror=redirect,quality=90,width=840/https://s3.cointelegraph.com/uploads/2023-07/72e2d3e9-6638-4255-bec0-98eedf0e23f1.jpg"></p><p>The lending app was drained of funds using a “read-only reentrancy” bug, a type of vulnerability that is often difficult for auditors to spot.</p>
https://cointelegraph.com/news/era-lend-...ncy-attack