Telegram’s Maestro Bot Targeted in Heist 🤖 Maestro, a Telegram bot project, faced a security breach with a loss of over 280 ETH ($500,000) due to a Router2 contract vulnerability.
Critical Vulnerability Leads to ETH Theft 🛑 Hackers exploited the contract's proxy design for upgradability, enabling unauthorized asset transfers which caused a significant loss.
Resolution and Refund Promised ✅ The issue has been rectified, halting further unauthorized transfers. The team assures refunds and updates to the community soon.
Security Firm PeckShield Sheds Light 🕵️ PeckShield revealed the transfer of stolen ETH to cross-chain exchange platform Railgun to obscure their origin, highlighting the method used by hackers.
Affected DEX Liquidity Pools 🔄 Tokens in SushiSwap, ShibaSwap, and ETH PancakeSwap pools are temporarily inaccessible as internal reviews are ongoing post-breach.
How The Breach Occurred 🔍 The Router2 contract's design for upgradability allowed unauthorized calls, enabling attackers to initiate "transferFrom" operations for the theft.
Recent Hacking Instances Noted 🚨 Other recent hacks include Ethereum co-founder Vitalik Buterin’s X account breach and a $27 million hack at CoinEx.
Leave a comment