The Block19 minutes ago

Published on February 29, 2024 06:10 GMT+00:00edited on February 29, 2024 06:14 GMT+00:00

Stablecoin protocol Seneca suffered an exploit, leading to a loss of more than $6 million on Ethereum and Arbitrum networks.

The exploit was pinpointed to an issue within the protocol’s smart contract approval mechanisms — which was exploited by attackers to divert funds.

Security analysts from Blocksec identified the root cause of the breach as an “arbitrary call issue” within Seneca’s smart contracts.

The project’s contracts didn’t have code that could let the team pause it — instead, users had to revoke permissions. The stolen assets are reported to be more than 1,900 ETH ($6 million).

This vulnerability allowed the attacker to make unauthorized transfers of tokens from the project’s contract to an external address controlled by the attacker. “The root cause was an arbitrary call …