wytjk56245q
@wytook66
And from the stolen transaction records, he discovered that the signature of the permit contained the wallet address for purchasing Dogecoin, indicating that it was not signed by the user himself. Then he pushed back and discovered that there was malicious code buried in the smart contract. Such malicious code could be used to forge the permit permissions of the token holder. Here, the hacker used assembly code to insert the malicious URL.
0 reply
1 recast
1 reaction