Analysts revealed an attack by re-reproduction with Ethereum Pow Bill tokens

Blocksec cybersecurity specialists discovered an exploit related to Ethereum Pow (ETHW).

1/ alert | Blocksec Detected that Exploiters are Replaying the Message (Calldata) of the Pos Chain on @etherempup. The Root Cace of the Exploitation is that Bridge Deesn`t Correctly Verify the Actual Chainid (Which Is Maintained by Itself) of the Cross-Chain Message).

– Blocksec (@blockSecteam) September 18, 2022

According to Blocksec, the OMNIBRIDGE system smart contract for GNOSIS CHAIN ​​incorrectly checked the Chainid parameter. Thanks to this, attackers were able to get an additional 200 ETHW, sending a similar amount to Weth.

The developers of the Pow-report emphasized that the problem is in the contract, and not in the new blockchain. According to them, the team “contacted Omnibridge and informed them about risks”.

“ETHW independently ensured compliance with the EIP-155, and the repeated attack with EthPOS and on ETHPOS, which the ETHW Core security engineers planned in advance, is absent,” the developers said.

Recall, on September 15 at 9:42 (Kyiv/Moscow time), the main network of Ethereum activated the large -scale update of The Merge. The blockchain was successfully transferred to the Proof-Of-Stake consensus algorithm.

The developers of the Ethereum Pow Bill announced the launch of the mainnet within a day from the date of upgrade. A few hours after the activation of the update, the team published network identifiers.

Read the FORKLOG Bitcoin News in our https://gagarin.news/ua/news/tiffany-releases-a-limited-collection-of-nft-pendants-50-000-each/ Telegram-cryptocurrency news, courses and analytics.