es test
공유하기
Summary
- It said indications were confirmed that suspicious transactions suspected of exploiting a proxy contract on the Arbitrum network led to fund losses of about $1.5 million.
- It said the attacker allegedly took over an operator account for the USDGambit and TLP project, changed ProxyAdmin privileges, and seized control of the existing proxy contract.
- It said the siphoned funds were moved from the Arbitrum network to the Ethereum network and then deposited into Tornado Cash, underscoring the importance of admin privilege management in proxy architectures.
Suspicious transactions that appear to have exploited a proxy contract on the Arbitrum network have been detected, and indications have been confirmed that this led to fund losses totaling about $1.5 million.
On the 5th, blockchain security firm Cyvers Alert said on X (formerly Twitter) that it had "detected multiple suspicious transactions related to a proxy contract on the Arbitrum network," adding that "estimated losses to date are about $1.5 million."
According to Cyvers Alert’s preliminary analysis, an operator account that had been solely deploying and managing the USDGambit and TLP projects is believed to have been exposed. After obtaining this account, the attacker deployed a new contract and altered the admin privileges (ProxyAdmin) to place them under their control, thereby taking control of the existing proxy contract, the firm said.
The siphoned funds were then moved from the Arbitrum network to the Ethereum network and deposited into Tornado Cash, a privacy mixer used to obscure fund flows, according to the analysis.
Cyvers Alert said the incident "once again shows how critical admin privilege management is in proxy architectures," adding that heightened vigilance is needed from project operators and infrastructure providers to prevent similar security incidents.
