🚨@gnosispay Gnosis Pay Incident: Root Cause Disclosure While the attack was still ongoing, the team refrained from publishing the root cause. Now that the incident has been fully contained, we believe it is the right time to disclose the root cause. 💡Root Cause A logic flaw in SignatureChecker::_isValidContractSignature() within the Zodiac Delay Module. During EIP-1271 signature validation, the function performed a staticcall to the signer contract but only checked the returned data — it did not verify whether the call was successful. The attacker exploited this by forcing the staticcall to revert, while embedding the EIP1271_MAGIC_VALUE (0x1626ba7e) in the revert data. The flawed checker mistakenly matched the revert payload and treated the failed call as valid authorization. This bypass allowed the attacker to: - Queue arbitrary malicious transactions into victim Gnosis Safe wallets (without real permission) - Wait for the mandatory cooldown period to expire - Execute them via executeNextTx() and drain funds

1/ 🚨 DeepBook was drained of $239,700 on May 9 using just ~$2,500 in capital—a massive 100x return. No reentrancy, no oracle attack, no access control bypass. Just two order-placement paths with mismatched price validation. pool::place_limit_order — no price check pool_proxy::place_limit_order — price ∈ [Pyth ± tolerance] Margin uses proxy. Regular accounts use raw. Same orderbook. Same attacker. 🧵 2/ Attacker uses TWO BalanceManagers, both their own: • BM 0xe63374a58f2a63fe8554f0e9210332848654bd1130931c0719b1e9ba0a4fa30a (regular) • MM 0xe63374a58f2a63fe8554f0e9210332848654bd1130931c0719b1e9ba0a4fa30a (margin — borrows USDC) Per PTB, BM places a "trap" at the tolerance band edges: SELL @ $1.0878 BUY @ $1.0759 (Pyth mid $1.0819, tolerance ±0.55%) 1.1% spread, both legs pass proxy. 3/ But this only works if the band is empty of legitimate orders. Phase A (asymmetric scan): attacker uses throwaway BMs as takers to sweep ~218K SUI / $235K of legitimate liquidity. Net cost: ~$1K in spread. Now only BM's trap sits in the band. 4/ Phase B (wash loop): MM market-orders into BM's trap. • MM BUY → only ASK in band = BM's $1.0878 → MM pays high • MM SELL → only BID in band = BM's $1.0759 → MM gets low Each round trip: $0.0119/SUI leaks MM's borrowed pool → BM. Run 35×, 70 70 fills at exact band edges. 5/ After PTB: MM insolvent → $283K bad debt to suppliers. BM keeps ~$96K 8K SUI. Flashloan repaid same-PTB. Just 4 successful attack txs over 50 mins. Bridged 78 ETH 0.7 BTC to a single EVM address. 6/ 🛡️ The AstraSec Takeaway:Vulnerabilities don't always hide in complex math—they hide in architectural inconsistencies. When proxy logic and raw pool logic don't enforce the same invariants, attackers will bridge the gap.

🚨 echooo.xyz exploited -- $229K lost Root cause: The Forwarder contract blindly forwards req.from as the msg.sender to the SwapRouter. An attacker can set req.from to any victim who previously approved the protocol, then drain their funds via spendFromUser. tx: etherscan.io/tx/0x57709a498f… ⚠️ Revoke approvals to this address IMMEDIATELY: 0x2990A16D2C37163f26F86d7af219064Ba5CD5605

In line with the technical plan outlined below, the attacker's rsETH positions on Aave have been liquidated on Ethereum and Arbitrum. The liquidated collateral now sits with the Recovery Guardian as specified in the AIP. No other users were affected, and Umbrella was also untouched. This was a critical step in the recovery roadmap, with next steps to follow.

. @trustedvolumes suffered an exploit leading to a loss of approximately $5.87M. The root cause is that TrustedVolumes' RFQ contract had potential input validation vulnerability, which allowed any victim to be designated as order taker, thereby enabling the exploitation of their authorized assets. tx: etherscan.io/tx/0xc5c61b3ac3… Revoke your approvals to the following address immediately (via revoke.cash): 0xeEeEEe53033F7227d488ae83a27Bc9A9D5051756

🚨 APRIL 2026: The list of major DeFi hacks, the real risks are now cross‑chain configs, social engineering, and edge‑case logic flaws. 13 attacks, $620M drained. Attack surfaces have shifted. 📅 April 1 – Drift Protocol (Solana) → Social engineering, multi-sig compromise → $285M 📅 April 3 – Silo Finance → Oracle misconfiguration → $392K 📅 April 5 – TMM on BNB Chain → Flash loan reserve manipulation (PancakeSwap pool) → $1.665M 📅 April 13 – Dango → Missing positive input validation (negative "donation") → ~$1.9M (whitehat returned ~$1.49M) 📅 April 13 – Hyperbridge → MMR proof replay vulnerability → $2.5M 📅 April 14 – CoW Swap → Domain hijacking (social engineering) → $1.2M 📅 April 15 – Grinex Exchange → Exit scam / external hack → $13.74M 📅 April 18 – Rhea Finance (Arbitrum) [FIXED] → Intermediate token reuse flaw in multi‑swap, NAV manipulation → $18.4M 📅 April 18 – KelpDAO → LayerZero DVN config flaw (cross‑chain message forgery) → $293M 📅 April 21 – Bitcoin Depot → Admin‑level social engineering → $3.6M 📅 April 22 – Volo Protocol (Sui) → Vault ownership forgery → $3.5M 📅 April 24 – ZetaChain → Cross‑chain messaging vulnerability → $334K 📅 April 25 – Purrlend → Dual‑chain coordinated exploit → $1.5M 📅 April 26 – Scallop (Sui) → Oracle manipulation / legacy contract vulnerability → sSUI reward pool drained～150,000 SUI (~$142K) 📅 April 28 – JUDAO (BNB Chain) → Reserve manipulation via token hook vulnerability → $228K 📅 April 29 – Aftermath Finance (Sui) → Negative fee rate settlement flaw → $1.14M 📅 April 29 – Syndicate (Base) → Commons bridge accepted unverified cross-chain messages → ~18.5M SYND tokens dumped (~$330K)

Total Loss is approximately 116,500 rsETH (Liquid Restaking Token) was illicitly drained via a cross-chain bridging exploit with market value around $293M, marking it as one of the largest DeFi exploits of 2026. The attacker attacker triggered unauthorized rsETH minting, used the stolen rsETH as collateral on Aave V3, Compound, and Euler to borrow large amount in ETH/WETH. This resulted in significant bad debt for Aave, a severe de-pegging of rsETH, and the temporary freezing of rsETH markets across major lending protocols.

🚨 LootBot.xyz Staking Contract Exploited (~$9,600 / 4.1 ETH loss) A contract deployed for 2.5 years was breached due to a logic error in the redeem() function. It failed to validate duplicate xLoot NFT IDs in the input array, allowing the attacker to claim X times rewards per NFT in a single call. TX: etherscan.io/tx/0xab19752a45…

One single line of code — a logical error — and over $1.9 million (~$1.49M recovered) was drained. @dango ’s insurance fund was exploited using negative values. The attacker “donated” negative amounts to drain the fund. Vulnerabilities often hide in the simplest, unaudited parts of a contract.

Another must-read for all DeFi teams, much like the Radiant Capital 2024 exploit analysis. This is a stark reminder that even mathematically flawless contracts cannot protect a protocol if its operational security (OpSec) fails.

Just shipped our 8th consecutive security audit report for @Listapiexyz_io ! Proud to continue securing top-tier DeFi infrastructure and supporting their ecosystem. Read the full report here: 👇 github.com/astrasecai/audit-…

Great working with @HyacinthAudits to lock down @liquidroyaltyX. 🔬 Scope: ProtocolVault We dug deep into the vault logic to ensure everything is watertight. 📄 github.com/astrasecai/audit-…

We are pleased to release the security audit report for Pandora @HeyAnonai, a decentralized prediction market built for EVM-based blockchains. We’ve verified the security of their trading engine to ensure safe, efficient markets for all users. Read the full report: github.com/astrasecai/audit-…