BlockSec: Two blockchain developers attacked, contract vulnerability leads to a loss of 17 million dollars

According to market news, a series of suspicious transactions targeting victim contracts deployed on Ethereum, Arbitrum, Base, and BSC were discovered a few hours ago. These transactions were carried out by contracts deployed by two creators, resulting in a total loss of over $17 million.

The victim contracts are not open source and appear to have a vulnerability allowing arbitrary calls. The attackers abused existing token authorizations to execute transferFrom operations to steal assets. Affected deployers: 0xbeef63AE5a2102506e8a352a5bB32aA8B30B3112------loss of approximately $3.67 million; 0x9cb8d9BaE84830b7F5F11ee5048c04a80b8514BA------loss of approximately $13.41 million.