The Internet has been riddled with cryptocurrency scams this year. From fake Bitcoin wallets to fake news sites, it’s become clear to all of us that the Internet is not the safest place in the world to store money.
On July 18, I was the victim of a successful token steal. I logged into my RUNE (RuneCoin) wallet, and in doing so, I allowed the attacker to send a small amount of funds to my wallet. Although the attacker was able to steal a total of $76, I was able to recover the funds and ban the attacker from my network.
A couple of days ago, an attacker with huge access to the RuneScape game’s database stole over $76K worth of in-game currency, according to RuneScape developer Jagex . The attacker discovered a vulnerability in the RuneScape’s database, which allowed them to gain control over a few thousand accounts and conduct attacks on the game. The game uses a system called “RuneScape Authenticator” to help protect users from unauthorized account access. When a user logs into RuneScape, two pieces of data are sent to the RuneScape servers to create a unique code that is presented to the user. The user is then asked to enter the code on the website to prove that they are really the person making the
- The thieves made off with tokens valued $76,000.
- This is due to the fact that RUNE coins employ a non-standard token contract.
The attackers have taken $76,000 worth of tokens in a short period of time. This implies that a malicious actor distributes or airdrops tokens to a large number of cryptocurrency users. However, although this may seem to be free money, it is a trap. Furthermore, since the receivers spent the tokens, the offender will be able to steal the Thorchain (RUNE) tokens they possess.
Eden Au of Block Research said,
“This is a one-of-a-kind exploit that has only been utilized a few times in recent years. However, since the assault is so devious, it may be very effective.”
In RUNE, an assailant steals $76,000.
UniH coins were airdropped to at least 76,000 ETH addresses by the perpetrator. Furthermore, it is important to remember that the receivers will examine these free tokens and sell them on a decentralized market. The tokens, in particular, come with a harmful contract. If individuals do not sell their newly acquired UniH tokens, the culprit may be able to get any RUNE tokens they have in their wallet.
This is due to the fact that RUNE tokens employ a non-standard token contract known as “tx.origin.” Furthermore, owing to its dangers, this particular token contract is not included in the ERC-20 token standard, which is used by the majority of ETH-based tokens.
If accepted, UniH tokens include malicious code that will automatically move the user’s RUNE tokens to another wallet. According to the RUNE token contract code on Thorchain, this kind of attack is possible. When it came to transaction approval, it warned of phishing contracts that might steal tokens by intercepting tx.origin.
Furthermore, on the same day as this vulnerability, Thorchain experienced its third exploit in a month. Furthermore, owing to a number of flaws, the network for conducting cross-chain swaps has now lost a total of $13 million. Furthermore, proponents argue that it is still in beta mode, although with real money, and that problems are to be anticipated; this is why the network is referred to as a “Chaosnet.”
You’ve been recommended
Related Tags
This article broadly covered the following related topics:
- futhark runes
- rune meaning
- what are runes
- bind runes
- viking runes
