VERDICT —OUT OF SCOPE
Root cause is phishing — victims signed malicious transactions or approvals off-protocol. Contract logic was not the failure surface; user-side wallet hygiene was. Pre-deployment audit cannot catch this class.
▰ METHOD
PHISHING
PHISHING
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
On September 20th, SlowMist tweeted that Coinbase Wallet recently integrated the Web3 messaging network protocol (http://xmtp.org). As long as the user's wallet address opens the messaging network, it may receive any information sent by the messaging protocol. Many attackers used this feature to send messages with phishing links to wallet users. Relevant wallet users need to be vigilant and not click on unknown links. Attack method (per SlowMist): Phishing Attack. Reported loss: -.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Coinbase Wallet
- bug_class
- phishing
- date_occurred
- 2023-09-20
- loss_usd
- —
- source_id
- sm:coinbase-wallet::2023-09-20
Related — same bug class· phishing