The Ethereum Alarm Clock service – a popular scheduling tool that allows users to schedule transactions on the Ethereum network – fell victim to a hack that resulted in losses worth $260,000. The attack took place on October 16, and the hackers were able to siphon funds from three separate wallets belonging to the service.
The team behind the Ethereum Alarm Clock service took to Twitter to warn users about the hack and ask them not to use the service until further notice. They are currently working to secure the remaining funds and investigate the root cause of the attack.
This is not the first time that the Ethereum Alarm Clock service has been targeted by hackers. In September this year, the service was hit by a similar attack that saw $152,000 worth of ETH stolen.
At the time, the team behind the service took responsibility for the loss and reimbursed all affected users out of pocket.
It is not yet clear how hackers were able to gain access to Ethereum Alarm Clock wallets this time around.
However, given that this is the second attack on the service in less than two months, it is possible that there is a security flaw in the code which is being exploited by malicious developers.
And for good reason, in principle when you create a smart contract sur Ethereum, you must specify who will pay the gas costs for the execution of this contract. However, with the Ethereum Alarm Clock service, the creator of the contract can specify that someone else is going to pay the gas fee.
This means that a hacker can create a wake-up contract and have it perform a malicious transaction without having to pay the fees themselves.
This is exactly what happened in this case. The attackers created a contact that transferred Ether from a victim’s wallet to their own wallet. Since they didn’t have to pay the fees, they were able to do so without spending any money themselves.
Until the root cause of the attack is found and fixed, users are advised to avoid using the Ethereum Alarm Clock service.
In the world of cryptocurrencies, decentralized finance protocols (DeFi) have become increasingly popular in recent years.
These protocols allow users to interact directly with each other without the need for a central authority, and they often offer higher interest rates than traditional financial institutions.
However, DeFi protocols have also been the target of numerous hacks in recent months. With DeFi protocols becoming increasingly popular, it is important to be aware of the risks associated with their use.
As mentioned above, this is the second attack against the service in less than two months and it raises serious concerns about its security.
Until the root cause of the attack is found and fixed, users are advised to avoid using the Ethereum Alarm Clock service.
Read also : Ripple XRP and the setback against the SEC with the Hinman documents