TechFlow news, Beosin Alert monitoring reports that TIME has been attacked, with the hacker profiting approximately $188,000. The specific cause is that _msgSender() does not return msg.sender, but instead returns an address chosen by the caller. If the caller is a Forwarder contract, it will return the address specified by the caller.
The attacker called the $TIME contract's burn() function through a Forwarder contract, passing in a data pair, ultimately burning the $TIME tokens within the data pair.




