Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On November 18th, an attacker exploited the vulnerability to obtain $100,000 in MPH tokens. After that, 88mph discovered a vulnerability in MPHinter, the MPH token minting contract, which could allow a potential attacker to steal all ETH in the Uniswap fund pool. With the help of the well-known white hat samczsun, ETH has been withdrawn into the governance multi-signature, so all funds are safe. In addition, 88mph stated that because the attacker put $100,000 in the LP pool (liquidity fund pool), the funds have been transferred to the governance wallet, and they have decided to allocate these funds to generations including MPH and ETH. Coin holders. Attack method (per SlowMist): Contract Vulnerability. Reported loss: -.
- chain
- —
- protocol
- 88mph
- bug_class
- logic
- date_occurred
- 2020-11-18
- loss_usd
- —
- source_id
- sm:88mph::2020-11-18