BlockSec Phalcon: Sharwa Finance attacked, losing approximately $146,000
7x24h News
BlockSec Phalcon: Sharwa Finance attacked, losing approximately $146,000
According to monitoring by blockchain security firm BlockSec Phalcon (@Phalcon_xyz), decentralized finance protocol Sharwa Finance was attacked and subsequently suspended operations. Several hours after the attack, multiple suspicious transactions continued exploiting the same vulnerability via slightly modified attack paths. The attackers first created margin accounts, then used provided collateral to borrow additional assets through leveraged lending, and finally executed sandwich attacks on swap operations involving the borrowed assets. The root cause of the vulnerability lies in the swap() function of the MarginTrading contract, which lacks solvency checks—this function only verifies the account's solvency status before executing asset swaps. Two attackers profited approximately $146,000 in total, with attacker 1 (0xd356...c08) earning around $61,000 through multiple attacks and attacker 2 (0xaa24...795) earning about $85,000 from a single attack.
TechFlow, on October 20, according to blockchain security firm BlockSec Phalcon (@Phalcon_xyz), the decentralized finance protocol Sharwa Finance was attacked and subsequently suspended operations. Several hours after the attack, multiple suspicious transactions continued exploiting the same vulnerability via slightly different attack paths.
The attackers first created margin accounts, then used provided collateral to borrow additional assets through leveraged lending, and finally executed sandwich attacks on swap operations involving the borrowed assets. The root cause of the vulnerability lies in the swap() function of the MarginTrading contract lacking solvency checks; this function only verifies the account's solvency status before executing asset swaps.
Two attackers profited approximately $146,000 in total, with attacker 1 (0xd356...c08) earning about $61,000 through multiple attacks, and attacker 2 (0xaa24...795) earning about $85,000 through a single attack.




