Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The developer of Klaytn-based NFT project Metaconz tweeted that a malicious bot was installed on the administrator account of Metaconz’s Discord overseas team on Saturday, causing 79 users to lose 11.9 ETH (about $36,000), the team said. It promised to compensate all losses, and 53 users have so far been compensated. In addition, the developer reminded that if the user executes the setApprovalForAll function in Etherscan, please transfer the wallet unconditionally. Therefore, in this attack, the hacker used this function to deprive the victim of the wallet permission. Attack method (per SlowMist): Account Compromise. Reported loss: 11.9 ETH.
- chain
- —
- protocol
- Metaconz
- bug_class
- private-key
- date_occurred
- 2022-04-16
- loss_usd
- —
- source_id
- sm:metaconz::2022-04-16