Foresight News reports that, according to CertiK monitoring, the privacy gaming project FOOMCASH’s lottery contract experienced a vulnerability exploit (or white-hat rescue operation), involving approximately $1.8 million. The root cause of the vulnerability may be related to its Groth16 verifier setup, allowing attackers to repeatedly collect ZOOM tokens when all other inputs remain the same.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Ripple CTO: Kelp DAO Exploit Reflects Bridge Security Trade-Offs
David Schwartz, CTO Emeritus at Ripple, analyzed bridge security vulnerabilities following the $292 million Kelp DAO exploit. He noted that providers prioritized convenience over robust security, undermining essential protective features. The Kelp DAO breach stemmed from a private key leak, exacerbated by a simplified security configuration in their LayerZero implementation.
CryptoFrontier1h ago
rsETH LayerZero bridge hacked, Aave and other protocols urgently freeze funds
Kelp DAO’s liquidity re-staking token rsETH was attacked on April 19 by a hacker exploiting a cross-chain message verification vulnerability, resulting in 116,500 rsETH being released to an address controlled by the attacker. Multiple DeFi protocols urgently froze related functions to address potential losses. LayerZero stated that it is actively fixing the vulnerability and will release a post-incident analysis report.
MarketWhisper1h ago
France Logs 41 Crypto-Related Kidnappings and Home Invasions in 2025
In 2025, France documented 41 crypto-related kidnappings amid rising "wrench attacks," prompting heightened security around blockchain events. Global incidents of coercion surged by 75%, with France leading in cases. Efforts to improve safety and address concerns about becoming a crypto hub are underway.
GateNews2h ago
eth.limo domain hijacked; EasyDNS admits first social engineering attack in 28 years
The eth.limo domain was subject to DNS hijacking on April 17. The attacker, posing as a team member, successfully tricked the domain registrar EasyDNS into executing account recovery for the domain. Although this incident did not affect users, because the attacker did not obtain the DNSSEC key material, they were unable to bypass the trust chain. This incident highlighted the risks of social engineering in the crypto space and prompted eth.limo to switch to the Domainsure service, which does not support account recovery, to enhance security.
MarketWhisper2h ago
Curve Finance Suspends LayerZero Bridging as a Precaution, Limits CRV and crvUSD Bridge Access
Curve Finance has been attacked over LayerZero infrastructure related to rsETH, and has temporarily suspended cross-chain functionality to prevent risk, impacting CRV cross-chain bridging and the fast bridging of crvUSD. Founder Egorov said the incident demonstrates the risk of “non-isolated lending,” and proposed a fully isolated mode as an alternative. Kelp DAO also suffered losses of about $292 million due to the attack, affecting lending activity on the Aave platform.
MarketWhisper3h ago
A Kelp bridge hack spreads and affects Aave, as TVL plunges and bad debt surges to 196 million
Liquidity re-staking protocol Kelp’s cross-chain bridge was attacked, stealing 116,500 rsETH and depositing it into Aave V3, resulting in roughly $196 million in bad debt. Aave’s contracts were not affected, but the incident revealed the systemic risk of LRT collateral, prompting DeFi protocols to re-evaluate their risk models, which could lead to losses for stkAAVE holders.
MarketWhisper3h ago
