TechFlow, on October 20, according to blockchain security firm BlockSec Phalcon (@Phalcon_xyz), the decentralized finance protocol Sharwa Finance was attacked and subsequently suspended operations. Several hours after the attack, multiple suspicious transactions continued exploiting the same vulnerability via slightly different attack paths.
The attackers first created margin accounts, then used provided collateral to borrow additional assets through leveraged lending, and finally executed sandwich attacks on swap operations involving the borrowed assets. The root cause of the vulnerability lies in the swap() function of the MarginTrading contract lacking solvency checks; this function only verifies the account's solvency status before executing asset swaps.
Two attackers profited approximately $146,000 in total, with attacker 1 (0xd356...c08) earning about $61,000 through multiple attacks, and attacker 2 (0xaa24...795) earning about $85,000 through a single attack.
