Maestro Telegram bot suffers a contract exploit: $500,000 of ETH stolen


By BitcoinWiki News

Key Takeaways:

– Maestro, a large Telegram bot project, experienced a severe security breach in its Router2 contract.
– The breach resulted in the unauthorized transfer of over 280 ETH ($500,000) from user accounts.
– The vulnerability in the contract allowed attackers to make arbitrary calls and transfer assets.
– The funds were transferred to the cross-chain exchange platform Railgun to hide their origin.
– The Router2 contract had a proxy design that permitted changes in logic without changing the address.
– Attackers used the “transferFrom” function to initiate unauthorized transfers from victims’ accounts.
– Maestro quickly responded by replacing the contract’s logic and freezing all router operations.
– Tokens in certain DEX pools will remain temporarily inaccessible while an internal review is conducted.
– Maestro plans to refund affected users.


Title: Maestro Telegram Bot Project Faces Severe Security Breach

Introduction:
Earlier today, Maestro, a prominent Telegram bot project, experienced a significant security breach. The breach exploited a critical vulnerability in the Router2 contract, leading to unauthorized transfers of over 280 ETH (approximately $500,000) from user accounts. Although Maestro has addressed the issue, tokens in certain DEX liquidity pools will be temporarily inaccessible.

Vulnerability in Router2 Contract:
The Router2 contract, responsible for managing token swaps, had a vulnerability that allowed hackers to make arbitrary calls through it, resulting in unauthorized asset transfers. Security firm PeckShield revealed that the funds were transferred to the cross-chain exchange platform Railgun in an attempt to conceal their source. The contract’s design, which permitted changes in logic without altering its address, opened the door to unauthorized calls and enabled attackers to initiate “transferFrom” operations between approved addresses.

Attack Process:
Attackers could input a token address into the Router2 contract, set the function as “transferFrom,” and designate the victim’s address as the sender, with their own address as the recipient. This malicious action resulted in unauthorized transfers of tokens from the victims’ accounts to those of the attackers.
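The pattern described above, reduced to a minimal illustration. This is an added example, not Maestro’s Router2 code: `ArbitraryCallRouter` shows the risky shape (the caller picks both the target address and the calldata while the router holds users’ token approvals, so a forwarded `transferFrom` passes the token’s allowance check for whatever `from` address the caller supplies), and `RestrictedRouter` shows the mitigations a reviewer would expect: tokens are pulled only from `msg.sender`, raw calls go only to owner allow-listed DEX contracts, and an owner-controlled pause plays the role of Maestro’s logic swap. All contract, function and event names here are assumptions for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC-20 surface used by both routers (illustrative interface).
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function approve(address spender, uint256 amount) external returns (bool);
}

// VULNERABLE PATTERN (hypothetical, not Maestro's code): the router forwards
// caller-chosen calldata to a caller-chosen address. Because users approved
// this router to spend their tokens, a forwarded call to a token contract
// runs with the router as msg.sender, so the token's allowance check passes
// for whichever `from` address was encoded in `data`.
contract ArbitraryCallRouter {
    function execute(address target, bytes calldata data) external returns (bytes memory) {
        (bool ok, bytes memory ret) = target.call(data);
        require(ok, "call failed");
        return ret;
    }
}

// HARDENED PATTERN (hypothetical): the router only pulls tokens from
// msg.sender, only forwards calls to allow-listed DEX contracts, and can be
// paused by the owner, the on-chain equivalent of replacing the logic with
// a no-op contract.
contract RestrictedRouter {
    address public immutable owner;
    bool public paused;
    mapping(address => bool) public allowedDex;

    event DexAllowed(address indexed dex, bool allowed);
    event Paused(bool paused);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // Only the owner can decide which DEX contracts may receive forwarded calls.
    function setDex(address dex, bool allowed) external onlyOwner {
        allowedDex[dex] = allowed;
        emit DexAllowed(dex, allowed);
    }

    // Emergency stop: no swaps (and therefore no forwarded calls) while paused.
    function setPaused(bool p) external onlyOwner {
        paused = p;
        emit Paused(p);
    }

    // `tokenIn` is pulled from msg.sender only; the caller cannot name a
    // different `from`. The swap calldata is forwarded only to a DEX the
    // owner has allow-listed, so a token contract can never be the target.
    // (Production code would use a SafeERC20-style wrapper to handle tokens
    // that return no bool; plain `require` on the bool is kept for brevity.)
    function swap(address tokenIn, uint256 amountIn, address dex, bytes calldata swapData)
        external
        returns (bytes memory)
    {
        require(!paused, "router paused");
        require(allowedDex[dex], "target not allow-listed");
        require(IERC20(tokenIn).transferFrom(msg.sender, address(this), amountIn), "pull failed");
        require(IERC20(tokenIn).approve(dex, amountIn), "approve failed");
        (bool ok, bytes memory ret) = dex.call(swapData);
        require(ok, "swap failed");
        // Reset the allowance so the DEX cannot spend leftover balance later.
        require(IERC20(tokenIn).approve(dex, 0), "approve reset failed");
        return ret;
    }
}
```

The key review question for any router that holds user approvals is whether a caller can steer a call to an address of their choosing; if the answer is yes, every approval granted to the router is effectively an approval granted to every caller. An allow-list of call targets, pulling only from `msg.sender`, and an owner pause close that gap.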

Immediate Response – Router Operations Frozen:
Maestro responded swiftly to the breach, freezing all router operations by replacing the Router2 contract’s logic with a benign Counter contract. This proactive measure aimed to halt any further unauthorized transfers. The company confirmed that the vulnerability has been resolved. However, tokens in liquidity pools of SushiSwap, ShibaSwap, and ETH PancakeSwap will remain temporarily unavailable as Maestro conducts an internal review.

Refunds for Affected Users:
Maestro assured the community that affected users would be refunded. The company intends to update the community on the refund process as soon as it is ready to initiate the refunds, aiming to complete the process within the day.

Conclusion:
Maestro, a significant Telegram bot project, experienced a severe security breach due to a critical vulnerability in its Router2 contract. Unauthorized transfers of over 280 ETH occurred as a result. The breach exploited the contract’s ability to make arbitrary and unauthorized calls, enabling attackers to initiate “transferFrom” operations between approved addresses. Maestro responded promptly by freezing router operations and replacing the vulnerable contract’s logic. While the vulnerability has been resolved, tokens in certain DEX liquidity pools will remain temporarily inaccessible. Maestro has committed to refunding affected users and will provide updates on the refund process.

