UvToken, a multi-chain wallet project, has lost $1.45 million due to a smart contract exploit.
UvToken, a multi-chain crypto wallet, has been hacked for 5,011 BNB tokens (1.45 million), with the funds already routed into authorized crypto mixer Tornado Cash.
This comes in the midst of a flurry of hacks and exploits this month, which appears to be a particularly bad month for DeFi projects.
According to security firms Ancilia and Peckshield, the incident occurred on the BNB Chain blockchain on Thursday morning around 1 a.m. ET time.
UvToken acknowledged the exploit, claiming that its “staking project” had been compromised. It is currently investigating the exploit with security teams. According to PeckShield, UvToken allows users to stake the native token into a specific contract.
In addition, PeckShield mentioned that the attacker most likely took advantage of the UvToken staking contract’s failure to properly authenticate input data.
As per the firm, the contract may have contained a logic error that enabled the hacker to make a malicious call and seize the funds.
The latest exploit adds to the long list of exploits that have plagued the cryptocurrency sector this month.