SlowMist Team: Resupply Attacker Steals Assets through Interest Rate Surge Vulnerability, Hacker's Gas Comes from Tornado Cash

Blockbeats

Yesterday

BlockBeats News, June 27th, SlowMist founder Yuxian stated that the decentralized stablecoin protocol Resupply was exploited by an attacker through a interest rate inflation vulnerability to steal assets. The attacker triggered price inflation by donating to the new treasury's Controller contract, causing the exchangeRate to become 0, bypassing the collateral check. Ultimately, the attacker was able to borrow a significant amount of reUSD with only 1 wei of collateral. The hacker has since converted the stolen funds to ETH, valued at approximately over $9.5 million. The hacker's Gas came from Tornado Cash.

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

1
2
3
4
5
6
7
8
9
10

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www-web.itiger.com/news/2546746313"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2546746313\",edition:\"fundamental\",,,undefined,":{"share":"https://ttm.financial/m/news/2546746313?lang=en_US&edition=fundamental","thumbnail":"","is_english":true,"pubTime":"2025-06-27 20:27","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2546746313","market":"us","top_or_hot":-1,"title":"SlowMist Team: Resupply Attacker Steals Assets through Interest Rate Surge Vulnerability, Hacker's Gas Comes from Tornado Cash","media":"Blockbeats","content":"<html><body><div><p>BlockBeats News, June 27th, SlowMist founder <strong>Yuxian</strong> stated that the decentralized stablecoin protocol Resupply was exploited by an attacker through a <em>interest rate</em> <code>inflation</code> vulnerability to steal assets. The attacker triggered price inflation by donating to the new treasury's Controller contract, causing the <code>exchangeRate</code> to become 0, bypassing the collateral check. Ultimately, the attacker was able to borrow a significant amount of reUSD with only 1 wei of collateral. The hacker has since converted the stolen funds to ETH, valued at approximately over $9.5 million. The hacker's Gas came from Tornado Cash.</p></div></body></html>","source":"theblockbeats_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>SlowMist Team: Resupply Attacker Steals Assets through Interest Rate Surge Vulnerability, Hacker's Gas Comes from Tornado Cash</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nSlowMist Team: Resupply Attacker Steals Assets through Interest Rate Surge Vulnerability, Hacker's Gas Comes from Tornado Cash\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-06-27 20:27 GMT+8&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//en/flash/300299><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats News, June 27th, SlowMist founder Yuxian stated that the decentralized stablecoin protocol Resupply was exploited by an attacker through a interest rate inflation vulnerability to steal ...</p>\n\n<a href=\"https://www.theblockbeats.info//en/flash/300299\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"BK4023","symbol_name":"应用软件","start_time":0,"source_url":"https://www.theblockbeats.info//en/flash/300299","article_id":"2546746313","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2546746313","pubTimestamp":1751027220,"columns":[],"sourceInfo":{"source_id":"theblockbeats_live","name":"Blockbeats快讯"},"weMediaInfo":null,"summary":"BlockBeats News, June 27th, SlowMist founder Yuxian stated that the decentralized stablecoin protocol Resupply was exploited by an attacker through a interest rate inflation vulnerability to steal assets. The attacker triggered price inflation by donating to the new treasury's Controller contract, causing the exchangeRate to become 0, bypassing the collateral check. Ultimately, the attacker was able to borrow a significant amount of reUSD with only 1 wei of collateral. The hacker has since converted the stolen funds to ETH, valued at approximately over $9.5 million. The hacker's Gas came from Tornado Cash.","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"en","relate_stocks":{"BK4023":"应用软件","ETH":"迷你以太坊ETF-Grayscale","BK4601":"加密货币现货ETF"},"translate_title":"SlowMist团队：补给攻击者通过利率飙升漏洞窃取资产，黑客的毒气来自Tornado Cash","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"ETH":1,"US10Y.BOND":1,"US12M.BOND":1,"US2Y.BOND":1,"US30Y.BOND":1,"US3Y.BOND":1,"US5Y.BOND":1,"US6M.BOND":1,"US7Y.BOND":1},"content_text":"BlockBeats News, June 27th, SlowMist founder Yuxian stated that the decentralized stablecoin protocol Resupply was exploited by an attacker through a interest rate inflation vulnerability to steal assets. The attacker triggered price inflation by donating to the new treasury's Controller contract, causing the exchangeRate to become 0, bypassing the collateral check. Ultimately, the attacker was able to borrow a significant amount of reUSD with only 1 wei of collateral. The hacker has since converted the stolen funds to ETH, valued at approximately over $9.5 million. The hacker's Gas came from Tornado Cash.","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-1","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"code":"91000000","status":"200"}}}