DeFi project Beetsfarm deprived users of more than $100 thousand

Another yield farming project on the Polygon network has robbed its users. According to Rugdoc.io, the damage caused by Beetsfarm Finance amounted to more than $100,000. Beetsfarm was positioned as the first farm on the Polygon network to use an automatic emission reduction mechanism.

Rugdoc says they came across Beetsfarm through their scanner, which picks out unverified contracts. Contract verification confirms that the published source code compiles to the code that was actually deployed on the blockchain. Under pressure from the community, Beetsfarm subsequently verified their contract, “however, it still contained the largest number of alarms we have ever seen.” Verification is not the same as an audit, and no audit was carried out in this case.

The Beetsfarm contract allowed anyone to move assets between users’ wallets and the project itself. In other words, once a user had granted permission to the contract, any outsider could transfer additional assets from that user's wallet to the project's address.

The project also had an emergency withdrawal function that worked in a similar way, but with one important difference. Instead of withdrawing assets to the user's address, which corresponds to the “_wallet” parameter, it transferred them to the “wallet” address, which designated the wallet of the project creators themselves.

Although Beetsfarm launched as an unremarkable project, the attackers managed to steal a significant amount from users. They were helped by the unrestricted asset transfer function; the assets collected this way were then moved to their own wallet using the emergency withdrawal function.
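As an added illustration (not Rugdoc's scanner and not Beetsfarm's code), the following review aid flags the two behaviours described above in Solidity source: a transfer that pulls tokens from a caller-chosen address, and a withdrawal that pays out to an address that is not one of its arguments. The embedded contract fragment and all names in it are hypothetical, and the regex checks are heuristics that assume conventional ERC-20 `transferFrom`/`transfer` calls.

```python
import re

# Constructed Solidity fragment modelled on the article; NOT Beetsfarm's code.
SAMPLE = """
contract Farm {
    IERC20 token;
    address wallet;   // project-controlled address
    mapping(address => uint256) balances;
    function deposit(address _wallet, uint256 _amount) public {
        token.transferFrom(_wallet, address(this), _amount);
    }
    function emergencyWithdraw(address _wallet) public {
        uint256 amount = balances[_wallet];
        balances[_wallet] = 0;
        token.transfer(wallet, amount);
    }
    function safeDeposit(uint256 _amount) public {
        token.transferFrom(msg.sender, address(this), _amount);
    }
}
"""

def functions(src):
    """Yield (name, params, body) per function, using brace matching."""
    for m in re.finditer(r"function\s+(\w+)\s*\(([^)]*)\)[^{;]*\{", src):
        depth, i = 1, m.end()
        while depth and i < len(src):
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        params = [p.split()[-1] for p in m.group(2).split(",") if p.strip()]
        yield m.group(1), params, src[m.end():i - 1]

def scan(src):
    """Heuristic review aid: flag the two patterns the article describes."""
    findings = []
    for name, params, body in functions(src):
        # 1. Tokens pulled from an address the caller picks, not msg.sender.
        for m in re.finditer(r"[tT]ransferFrom\s*\(\s*([^,]+?)\s*,", body):
            if m.group(1) in params:
                findings.append((name, "pulls from caller-chosen address"))
        # 2. Withdrawal paid to a bare identifier that is not an argument.
        if "withdraw" in name.lower():
            for m in re.finditer(r"\btransfer\s*\(\s*(\w+)\s*,", body):
                if m.group(1) not in params:
                    findings.append((name, "pays out to non-argument address"))
    return findings

if __name__ == "__main__":
    print(scan(SAMPLE))
```

A finding is a prompt for manual review of the function, not proof of malice; `safeDeposit`, which only ever moves the caller's own tokens, is not flagged.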

In connection with the incident, Rugdoc recommends that users not interact with unverified smart contracts and never grant permissions for operations that they are not ready to entrust to the project. Beetsfarm continues to lure customers through its Twitter account, deleting old posts under which it is accused of fraud and publishing new ones in their place.
