Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Ethscriptions.com was hacked, and about 123 individual addresses lost a total of about 202 Ethscriptions. In terms of value, it is unclear how much the attack caused. Based on the current lowest price of $14, the loss is at least $2,828. Ethscriptions creator Tom Lehman stated that this is not a vulnerability in the Ethscriptions protocol. This is a vulnerability in a specific smart contract (0x3ca843b98a2fe8ef69bb0f169afad3812c275f5e). The protocol itself and other applications running on it are not affected in any way. Meanwhile, Lehman claimed responsibility for the attack, explaining that the vulnerability can be traced back to a smart contract he and Indelible Labs co-founder Michael Hirsch created. It is reported that a small piece of code included in it allows people to withdraw Ethscriptions that do not belong to them from the market. Lehman also said that the Ethscriptions.com marketplace will be relaunched and that he has been in touch with many users affected by the bug. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 2,828.
- chain
- —
- protocol
- Ethscriptions.com
- bug_class
- logic
- date_occurred
- 2023-07-13
- loss_usd
- $2,828
- source_id
- sm:ethscriptions-com::2023-07-13