PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.
BlockSec: Sharwa.Finance suffered multiple attacks, resulting in losses exceeding $140,000
PANews reported on October 20th that Sharwa.Finance disclosed an attack and subsequent suspension of operations, according to a BlockSec Phalcon alert. However, several suspicious transactions occurred hours later, likely exploiting the same underlying vulnerability through a slightly different attack path. Overall, the attacker first created a margin account, then used the provided collateral to borrow additional assets through leveraged lending, and finally launched a "sandwich attack" targeting swap operations involving the borrowed assets. The root cause appears to be a missing bankruptcy check in the swap() function of the MarginTrading contract, which is used to swap borrowed assets from one token (such as WBTC) to another (such as USDC). This function only verifies solvency based on the account's state at the time the swap begins, before executing the asset swap. This leaves room for manipulation. Attacker 1 (beginning with 0xd356) conducted multiple attacks, profiting approximately $61,000. Attacker 2 (beginning with 0xaa24) conducted a single attack, profiting approximately $85,000.
Market Opportunity
FINANCE Price(FINANCE)
$0.0001991
$0.0001991$0.0001991
USD
FINANCE (FINANCE) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
You May Also Like
Stijgt de Solana koers naar $150 door institutioneel treasury gebruik?
Solana staat centraal in een nieuwe ontwikkeling binnen corporate treasury management. Mangocueticals heeft samen met Cube Group een formele SOL treasury strategie
Share
Coinstats2025/12/20 23:16
CEO Sandeep Nailwal Shared Highlights About RWA on Polygon
The post CEO Sandeep Nailwal Shared Highlights About RWA on Polygon appeared on BitcoinEthereumNews.com. Polygon CEO Sandeep Nailwal highlighted Polygon’s lead in global bonds, Spiko US T-Bill, and Spiko Euro T-Bill. Polygon published an X post to share that its roadmap to GigaGas was still scaling. Sentiments around POL price were last seen to be bearish. Polygon CEO Sandeep Nailwal shared key pointers from the Dune and RWA.xyz report. These pertain to highlights about RWA on Polygon. Simultaneously, Polygon underlined its roadmap towards GigaGas. Sentiments around POL price were last seen fumbling under bearish emotions. Polygon CEO Sandeep Nailwal on Polygon RWA CEO Sandeep Nailwal highlighted three key points from the Dune and RWA.xyz report. The Chief Executive of Polygon maintained that Polygon PoS was hosting RWA TVL worth $1.13 billion across 269 assets plus 2,900 holders. Nailwal confirmed from the report that RWA was happening on Polygon. The Dune and https://t.co/W6WSFlHoQF report on RWA is out and it shows that RWA is happening on Polygon. Here are a few highlights: – Leading in Global Bonds: Polygon holds 62% share of tokenized global bonds (driven by Spiko’s euro MMF and Cashlink euro issues) – Spiko U.S.… — Sandeep | CEO, Polygon Foundation (※,※) (@sandeepnailwal) September 17, 2025 The X post published by Polygon CEO Sandeep Nailwal underlined that the ecosystem was leading in global bonds by holding a 62% share of tokenized global bonds. He further highlighted that Polygon was leading with Spiko US T-Bill at approximately 29% share of TVL along with Ethereum, adding that the ecosystem had more than 50% share in the number of holders. Finally, Sandeep highlighted from the report that there was a strong adoption for Spiko Euro T-Bill with 38% share of TVL. He added that 68% of returns were on Polygon across all the chains. Polygon Roadmap to GigaGas In a different update from Polygon, the community…
Share
BitcoinEthereumNews2025/09/18 01:10
ViaHonest Introduces a Next-Generation RWA Marketplace for Authentic Physical Goods.
Summary: ViaHonest, a top-notch platform, has unleashed digital certificates of authenticity, tamper-proof item identifiers, and a transparent 2.5% commission,
Share
Techbullion2025/12/20 23:46