A recent exploit of the TIME token contract has resulted in losses of approximately $188,000 worth of Ethereum, according to a report by blockchain security firm CertiK.
The attack began when the exploiter converted 5 ETH to Wrapped Ether (WETH) and traded it for over 3.4 billion TIME tokens.
CertiK analysts explained that the root cause was a vulnerability in the Forwarder contract, which executes transactions from submitted addresses without verification.
According to Cerkit’s report, the hacker submitted a falsified address that they controlled, along with a valid signature. This request passed the Forwarder’s verification and the TIME contract erroneously recognized the fake address as legitimate.
The TIME contract then incorrectly burned over 62 billion tokens from the pool controlled by the attacker, rather than the intended address.
After that, the hacker reportedly exchanged the remaining tokens for WETH, converting some back to ETH – including a portion for bribe.
Also Read: ZachXBT Finds Sus Connection of Uranium Hacker and MTG Cards
