Maestro Bot Heist on Telegram: $500,000 ETH Stolen Amid Contract Flaw

Telegram’s Maestro Bot Targeted in Heist: Maestro, a Telegram bot project, faced a security breach with a loss of over 280 ETH ($500,000) due to a Router2 contract vulnerability.

Critical Vulnerability Leads to ETH Theft: Hackers exploited the contract's proxy design for upgradability, enabling unauthorized asset transfers which caused a significant loss.

Resolution and Refund Promised: The issue has been rectified, halting further unauthorized transfers. The team assures refunds and updates to the community soon.

Security Firm PeckShield Sheds Light: PeckShield revealed that the stolen ETH was transferred to cross-chain exchange platform Railgun to obscure its origin, highlighting the method used by hackers.

Affected DEX Liquidity Pools: Tokens in SushiSwap, ShibaSwap, and ETH PancakeSwap pools are temporarily inaccessible as internal reviews are ongoing post-breach.

How The Breach Occurred: The Router2 contract's design for upgradability allowed unauthorized calls, enabling attackers to initiate "transferFrom" operations for the theft.
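The allowance mechanics behind that paragraph, as an added toy model in Python (not Maestro's contract code and not from the original article). The `Token` and `Router` classes, the `strict` flag and the account names are hypothetical, and the model assumes the flaw amounts to the router letting a caller choose whose approved tokens it moves.

```python
# Toy in-memory model (constructed for illustration; not Maestro's contract code).
class Token:
    """Minimal ERC-20-style ledger: balances plus owner -> spender allowances."""
    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowance = {}  # (owner, spender) -> amount

    def approve(self, owner, spender, amount):
        self.allowance[(owner, spender)] = amount

    def transfer_from(self, spender, owner, to, amount):
        # The token only checks that `spender` holds an allowance from `owner`.
        if self.allowance.get((owner, spender), 0) < amount:
            raise PermissionError("insufficient allowance")
        if self.balances.get(owner, 0) < amount:
            raise ValueError("insufficient balance")
        self.allowance[(owner, spender)] -= amount
        self.balances[owner] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount

class Router:
    """Hypothetical router. strict=False models the flaw: the caller picks `owner`."""
    name = "router"

    def __init__(self, strict):
        self.strict = strict

    def pull(self, caller, token, owner, to, amount):
        if self.strict and caller != owner:
            raise PermissionError("caller may only move its own tokens")
        token.transfer_from(self.name, owner, to, amount)

def exposed_owners(token, spender):
    """Defender's view: owners whose live allowance to `spender` is spendable."""
    return sorted(o for (o, s), a in token.allowance.items()
                  if s == spender and a > 0 and token.balances.get(o, 0) > 0)

def run(strict, revoke_first=False):
    """Return (alice's balance, owners still exposed) after an unauthorized pull."""
    token = Token({"alice": 100, "mallory": 0})
    token.approve("alice", Router.name, 100)
    if revoke_first:
        token.approve("alice", Router.name, 0)  # user-side mitigation
    try:
        Router(strict).pull("mallory", token, "alice", "mallory", 100)
    except PermissionError:
        pass
    return token.balances["alice"], exposed_owners(token, Router.name)
```

The token contract itself behaves correctly in every case; the loss depends only on whether the approved spender authenticates its caller, which is why revoking the allowance protects a user even while the router is still flawed.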

Recent Hacking Instances Noted 🚨 Other recent hacks include Ethereum co-founder Vitalik Buterin’s X account breach and a $27 million hack at CoinEx.

