Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
According to reports, a currency stolen event occurred in Farmers World, a farm-type game on the WAX chain, and the amount may exceed 100 million yuan. Some players have found that the game shows "Insufficient RAM" prompts, which cannot be solved even after adding WAXP. According to the official Discord discussion information: Neither the project smart contract nor the WAX wallet has vulnerabilities, but the address where the user pledged WAXP is not the official address of the game. It may be that the game "plug-in" script changed the user pledge address, causing the user to be unable to obtain RAM resources. Attack method (per SlowMist): Malicious Code Injection Attack. Reported loss: $ 15,700,000.
- chain
- —
- protocol
- Farmers World
- bug_class
- unknown
- date_occurred
- 2021-11-07
- loss_usd
- $15,700,000
- source_id
- sm:farmers-world::2021-11-07