GetChain News
中简 中繁 EN
GetChain News
Toggle sidebar
Alchemix

Alchemix

ALCX
Active

Future-yield-backed synthetic asset platform

alchemix.fi X Github Doc Medium Snapshot Defillama

News Heat Trend

Project Overview

Alchemix Finance is a future-yield-backed synthetic asset platform that allows users to leverage a range of tokens without the risk of liquidation.

DeFi Lending

Event-related news

View more View more View more

Alchemix yvVault Users Attacked Due to Unauthorized Approvals, Suffering ~$1M in Losses

According to on-chain analyst PeckShield (@PeckShieldAlert), a user’s Alchemix Yearn yvVault position (token $yvWETH) was attacked, resulting in an estimated loss of approximately $1 million. The root cause of the attack lies in the user’s prior approval grant to an unverified contract (contract address: 0x143a), deployed 10 days ago. Reverse-engineering analysis revealed that this contract contains a vulnerability enabling arbitrary call execution. Exploiting this vulnerability, the attacker successfully transferred the victim’s yvVault position. PeckShield has now publicly disclosed the specific logic of this vulnerability. Users are advised to review and revoke token approvals granted to unknown or unverified contracts to mitigate asset risks.

Alchemix yvVault Users Attacked Due to Unauthorized Approvals, Suffering ~$1M in Losses

According to on-chain analyst PeckShield (@PeckShieldAlert), a user’s Alchemix Yearn yvVault position (token $yvWETH) was attacked, resulting in an estimated loss of approximately $1 million. The root cause of the attack lies in the user’s prior approval grant to an unverified contract (contract address: 0x143a), deployed 10 days ago. Reverse-engineering analysis revealed that this contract contains a vulnerability enabling arbitrary call execution. Exploiting this vulnerability, the attacker successfully transferred the victim’s yvVault position. PeckShield has now publicly disclosed the specific logic of this vulnerability. Users are advised to review and revoke token approvals granted to unknown or unverified contracts to mitigate asset risks.

Alchemix yvVault Users Attacked Due to Unauthorized Approvals, Suffering ~$1M in Losses

According to on-chain analyst PeckShield (@PeckShieldAlert), a user’s Alchemix Yearn yvVault position (token $yvWETH) was attacked, resulting in an estimated loss of approximately $1 million. The root cause of the attack lies in the user’s prior approval grant to an unverified contract (contract address: 0x143a), deployed 10 days ago. Reverse-engineering analysis revealed that this contract contains a vulnerability enabling arbitrary call execution. Exploiting this vulnerability, the attacker successfully transferred the victim’s yvVault position. PeckShield has now publicly disclosed the specific logic of this vulnerability. Users are advised to review and revoke token approvals granted to unknown or unverified contracts to mitigate asset risks.

Related news

Alchemix yvVault Users Attacked Due to Unauthorized Approvals, Suffering ~$1M in Losses

According to on-chain analyst PeckShield (@PeckShieldAlert), a user’s Alchemix Yearn yvVault position (token $yvWETH) was attacked, resulting in an estimated loss of approximately $1 million. The root cause of the attack lies in the user’s prior approval grant to an unverified contract (contract address: 0x143a), deployed 10 days ago. Reverse-engineering analysis revealed that this contract contains a vulnerability enabling arbitrary call execution. Exploiting this vulnerability, the attacker successfully transferred the victim’s yvVault position. PeckShield has now publicly disclosed the specific logic of this vulnerability. Users are advised to review and revoke token approvals granted to unknown or unverified contracts to mitigate asset risks.