VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
The XDX Swap (DDEX) on the Heco chain's cross-chain decentralized exchange DDEX was attacked. The attacker made a profit of 85.17 ETH (approximately $176,000) and cross-chained it to Ethereum. The DDEX code appears to have a backdoor. With the support and cooperation of DDEX, Star Labs, and HECO White Hat Security Alliance, XDX Swap has successively recovered most of the funds involved in this attack, with a total value of more than 5 million US dollars. Attack method (per SlowMist): Contract Vulnerability. Reported loss: -.
Primary source
https://www.tuoniaox.com/newsflash/p-507462.html ↗Sourced from
slowmist
Technical record
- chain
- ethereum
- protocol
- XDX Swap
- bug_class
- logic
- date_occurred
- 2021-07-02
- loss_usd
- —
- source_id
- sm:xdx-swap::2021-07-02
Related — same bug class· logic