Maestro Bot Heist on Telegram: $500,000 ETH Stolen Amid Contract Flaw

Telegram’s Maestro Bot Targeted in Heist 🤖 Maestro, a Telegram bot project, faced a security breach with a loss of over 280 ETH ($500,000) due to a Router2 contract vulnerability.

Critical Vulnerability Leads to ETH Theft 🛑 Hackers exploited the contract's proxy design for upgradability, enabling unauthorized asset transfers which caused a significant loss.

Resolution and Refund Promised ✅ The issue has been rectified, halting further unauthorized transfers. The team assures refunds and updates to the community soon.

Security Firm PeckShield Sheds Light 🕵️ PeckShield revealed the transfer of stolen ETH to cross-chain exchange platform Railgun to obscure their origin, highlighting the method used by hackers.

Affected DEX Liquidity Pools 🔄 Tokens in SushiSwap, ShibaSwap, and ETH PancakeSwap pools are temporarily inaccessible as internal reviews are ongoing post-breach.

How The Breach Occurred 🔍 The Router2 contract's design for upgradability allowed unauthorized calls, enabling attackers to initiate "transferFrom" operations for the theft.

Recent Hacking Instances Noted 🚨 Other recent hacks include Ethereum co-founder Vitalik Buterin’s X account breach and a $27 million hack at CoinEx.

Join ons op Telegram!

Leave a comment