BlockSec: The attack on Unibot may be due to the lack of input validation of function 0xb2bd16ab in the 0x126c contract
Cointime2023/10/31 07:06
By:Cointime
BlockSec stated on social media that due to Unibot's code not being open source, we suspect that the function 0xb2bd16ab in the 0x126c contract lacks input validation, allowing for arbitrary calls. Therefore, attackers can call "transferFrom" to transfer the approved tokens out of the contract. Please revoke approval as soon as possible.
0
0
Disclaimer: everything in the article represents the author's point of view and has nothing to do with this platform. This article is not intended to be used as a reference for making investment decisions.