SlowMist's Cos: Ekubo contract maliciously exploited, one user has already lost 17 WBTC
Odaily reported that SlowMist founder Cos Jin posted on platform X, stating, "The Ekubo related contract has been maliciously exploited. The reason is that if a user has previously authorized related tokens to: 0x8CCB1ffD5C2aa6Bd926473425Dea4c8c15DE60fd;
For example, this user 0x765DEC with an unlimited WBTC approval (158 days ago): the attacker can designate the authorized user as the payer, and in the payCallback, make the contract call WBTC transferFrom(victim, Ekubo Core, amount). Then, through Ekubo Core (0xe0e0e08A6A4b9Dc7bD67BCB7aadE5cF48157d444)'s withdraw/pay balance settlement process, the attacker transfers the assets to themselves. This operation was executed 85 times, each time for 0.2 WBTC, ultimately causing user 0x765DEC to lose 17 WBTC. It is recommended that users promptly follow official guidance to check authorizations for the following contracts:
0x8ccb1ffd5c2aa6bd926473425dea4c8c15de60fd (V2)
0x4f168f17923435c999f5c8565acab52c2218edf2 (V3)
Arbitrum: 0xc93c4ad185ca48d66fefe80f906a67ef859fc47d (V3)."
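
The authorization check recommended above, as an added example that is not part of the original post: it replays ERC-20 Approval logs and reports owners whose last approval to one of the listed contracts is still non-zero. The spender addresses come from the post; the token and owner addresses, the helper names and the log entries are constructed, and a hit is a triage signal to confirm with the token's `allowance()` on the relevant chain.

```python
# Added example: triage of ERC-20 Approval logs. All log entries are constructed.
# topic0 = keccak256("Approval(address,address,uint256)")
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1
# Spender contracts named in the post, lowercased for comparison.
FLAGGED_SPENDERS = {
    "0x8ccb1ffd5c2aa6bd926473425dea4c8c15de60fd": "V2",
    "0x4f168f17923435c999f5c8565acab52c2218edf2": "V3",
    "0xc93c4ad185ca48d66fefe80f906a67ef859fc47d": "Arbitrum V3",
}

def topic_to_address(topic):
    """An indexed address is left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def open_approvals(logs):
    """Map (token, owner, spender) to the last approved amount when it is non-zero."""
    latest = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        # ERC-721 Approval shares topic0 but has four topics, so require exactly three.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        spender = topic_to_address(topics[2])
        if spender not in FLAGGED_SPENDERS:
            continue
        key = (log["address"].lower(), topic_to_address(topics[1]), spender)
        latest[key] = int(log["data"], 16)  # a later approval overwrites an earlier one
    return {k: v for k, v in latest.items() if v > 0}

def pad(addr):
    return "0x" + addr[2:].rjust(64, "0")

# Constructed placeholder addresses (not real accounts or tokens).
TOKEN, ALICE, BOB, OTHER = ("0x" + b * 20 for b in ("aa", "11", "22", "33"))

def make_log(block, owner, spender, value):
    return {"address": TOKEN, "blockNumber": block, "logIndex": 0,
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)], "data": hex(value)}

SAMPLE_LOGS = [
    make_log(100, ALICE, "0x8CCB1ffD5C2aa6Bd926473425Dea4c8c15DE60fd", MAX_UINT256),
    make_log(101, BOB, "0x4f168f17923435c999f5c8565acab52c2218edf2", 5000),
    make_log(150, BOB, "0x4f168f17923435c999f5c8565acab52c2218edf2", 0),  # revoked
    make_log(102, ALICE, OTHER, MAX_UINT256),  # spender not named in the post
]

if __name__ == "__main__":
    for (token, owner, spender), amount in open_approvals(SAMPLE_LOGS).items():
        label = "unlimited" if amount == MAX_UINT256 else str(amount)
        print(f"{owner} -> {FLAGGED_SPENDERS[spender]} {spender} on {token}: {label}")
```

Only the first sample entry is reported: the second owner's approval was later set to zero, and the last entry names a spender that is not on the list.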
