
SlowMist (@SlowMist_Team) “🚨SlowMist TI Alert🚨 💸 Loss: 85,519.47 USDT 🔍 Root Cause: The `cliamRewred` f” — TopicDigg

SlowMist
@SlowMist_Team
SlowMist is a blockchain security firm established in 2018, providing services such as security audits, security consulting, red teaming, and more.
Joined April 2018
406 Following    88.6K Followers
🚨SlowMist TI Alert🚨
💸 Loss: 85,519.47 USDT
🔍 Root Cause: The `cliamRewred` function in `LegendaryMoneyMonNft` allows arbitrary reward claiming. The only authorization depends on `verify()`, which checks `recoverSigner(...) == admin`. `recoverSigner` does not validate `ecrecover` returning `address(0)`, and `changeadmin()` allows setting admin to the zero address. The attacker used an invalid signature (r=0, s=0, v=27), which returns `address(0)` from `ecrecover`, passing the check because `admin` was the zero address at that moment.
📌 Attacker: 0xe1582248c593df4b367e131922438fec9d76e787
📌 Victim Contract: 0x92d60629ff5d53a0098b51e9b1d59546d1d8e5b6
📌 Vulnerable Contract: 0x92d60629ff5d53a0098b51e9b1d59546d1d8e5b6
The attacker exploited the zero-address signature bypass to drain all tokens from the contract and swapped them for USDT via PancakeSwap.
Powered by #SlowMist#.AI
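The authorization pattern the alert describes, side by side with a hardened form, as an added example. This is a hypothetical reconstruction written for this page, not the `LegendaryMoneyMonNft` source: the names `admin`, `changeadmin`, `recoverSigner`, `verify` and `cliamRewred` follow the alert, while the ERC-20 payout, the claim-hash layout, the `nonce` parameter and the `usedHashes` mapping are assumptions. The alert does not say how the real contract's `admin` came to be zero; the vulnerable contract below only shows that the setter accepts that value.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC-20 surface for the payout (assumption: rewards are an ERC-20 token).
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Vulnerable pattern as described in the alert (hypothetical reconstruction).
contract VulnerableClaim {
    address public admin;
    IERC20 public immutable token;

    constructor(address _admin, IERC20 _token) {
        admin = _admin;
        token = _token;
    }

    // Bug 1: the setter accepts address(0). Once admin is zero, the
    // failure value of ecrecover becomes a valid "signer".
    function changeadmin(address _admin) external {
        require(msg.sender == admin, "not admin");
        admin = _admin;
    }

    // Bug 2: ecrecover returns address(0) for a malformed signature
    // (e.g. r = 0, s = 0, v = 27) and that value is passed through unchecked.
    function recoverSigner(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) {
        return ecrecover(hash, v, r, s);
    }

    // With admin == address(0), any invalid signature satisfies this check.
    function verify(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal view returns (bool) {
        return recoverSigner(hash, v, r, s) == admin;
    }

    function cliamRewred(uint256 amount, uint8 v, bytes32 r, bytes32 s) external {
        bytes32 hash = keccak256(abi.encodePacked(msg.sender, amount)); // assumed message layout
        require(verify(hash, v, r, s), "bad signature");
        require(token.transfer(msg.sender, amount), "transfer failed");
    }
}

// Hardened form: the two checks the alert says were missing, plus replay
// protection, which any signed-claim scheme needs regardless.
contract HardenedClaim {
    // secp256k1 n / 2: a signature whose s is above this is a malleable duplicate.
    uint256 private constant HALF_N = 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    address public admin;
    IERC20 public immutable token;
    mapping(bytes32 => bool) public usedHashes; // assumed: one claim per signed message

    error ZeroAddress();
    error InvalidSignature();
    error AlreadyClaimed();

    constructor(address _admin, IERC20 _token) {
        if (_admin == address(0)) revert ZeroAddress();
        admin = _admin;
        token = _token;
    }

    // Fix 1: admin can never be address(0), so ecrecover's failure value
    // can never match it.
    function changeadmin(address _admin) external {
        require(msg.sender == admin, "not admin");
        if (_admin == address(0)) revert ZeroAddress();
        admin = _admin;
    }

    // Fix 2: reject malformed signatures and the zero result itself.
    // OpenZeppelin's ECDSA.recover performs the same three checks.
    function recoverSigner(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address signer) {
        if (uint256(s) > HALF_N) revert InvalidSignature();
        if (v != 27 && v != 28) revert InvalidSignature();
        signer = ecrecover(hash, v, r, s);
        if (signer == address(0)) revert InvalidSignature();
    }

    function verify(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal view returns (bool) {
        return recoverSigner(hash, v, r, s) == admin;
    }

    // Binding chain id, contract address and a nonce into the hash stops
    // cross-contract and cross-chain replay (assumed layout, not the original's).
    function cliamRewred(uint256 amount, uint256 nonce, uint8 v, bytes32 r, bytes32 s) external {
        bytes32 hash = keccak256(abi.encodePacked(block.chainid, address(this), msg.sender, amount, nonce));
        if (usedHashes[hash]) revert AlreadyClaimed();
        if (!verify(hash, v, r, s)) revert InvalidSignature();
        usedHashes[hash] = true;
        require(token.transfer(msg.sender, amount), "transfer failed");
    }
}
```

Either fix alone closes the bypass the alert describes: if `admin` can never be zero, a zero return from `ecrecover` never matches it, and if `recoverSigner` reverts on zero, the value of `admin` no longer matters. Applying both is the usual practice, because the two conditions are set by different code paths and an audit has to prove the invariant only once if each side enforces it. The same reasoning applies to any `ecrecover` comparison against a storage variable: check the variable is non-zero at every write, and treat `address(0)` from the precompile as a failure, never as a signer.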