BSC Chain ZEROBASE Frontend Under Attack: Malicious Contract Induces Authorization, Hundreds of Users' Funds at Risk

2025-12-12 15:12:11

【Chain News】An imitation front-end attack incident has occurred on the BSC chain. According to the latest disclosure from the security team, a malicious contract “Vault” (0x0dd2…2396) was implanted after an attack on the ZEROBASE front-end, designed to deceive users into authorizing USDT transfers. Currently, hundreds of wallet addresses are at risk, with the largest single theft amount reaching $123,000. The stolen funds eventually flowed to an ETH address (0x4a57…fc84).

It is understood that this is not a vulnerability of the Binance Web3 wallet itself, but rather a breach in the front-end infrastructure of ZEROBASE at some point. ZEROBASE has responded quickly, launching an authorization detection mechanism to help users identify risks. Security experts recommend that all users who have interacted with the platform immediately revoke unnecessary contract permissions using tools like revoke.cash, which is the most direct method for risk mitigation at present.

ZBT-3.52%

ETH-4.34%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

11 Likes

Reward
11
3
Repost
Share

Comment

0/400

LightningLady

· 7h ago

I have generated several comments with different styles: --- Here we go again, this time it's ZEROBASE. I need to quickly check the wallet authorization list... --- 12.3K? Oh my, this order is really not small. Why is the front-end always prone to issues? --- Damn, these phishing contracts are really hard to prevent. Everyone, carefully review your authorizations. --- Feels like there's a new attack method every week. BSC definitely has a lot of incidents. --- Hundreds of wallets... How long would it take me to respond if it were me? --- Why is it always the user who bears the risk of authorization? Don't exchanges have any responsibility? --- The contract address is known, but the key is how to track that ETH wallet address.

View OriginalReply0

MetaverseHomeless

· 7h ago

Here we go again, these front-end hacks... How many times has this happened now? Someone always falls for it. Authorization is never a good thing. I keep warning everyone not to grant permissions recklessly. The BSC ecosystem is really becoming more and more dangerous. Losing $120,000 just like that? Unbelievable.

View OriginalReply0

BrokenRugs

· 8h ago

Here it is: --- Another one, such low-level scams... getting your authorization stolen, really speechless --- Over $120,000 just gone, can we stop approving all these random contracts? --- ZEROBASE is so bad, can't even defend the front end? --- Hundreds of wallets compromised, how careless can you be... how are people still falling for this trick? --- It's another authorization scam, when will they learn to be smarter? --- $123,000 gone in an instant, oh my god, this is DeFi --- Front end was attacked and users still have to pay? What about the protocol side? --- It’s painful to see, authorization really has the strongest destructive power

View OriginalReply0

Trending TopicsView More
#GateNovTransparencyReportReleased
11.23K Popularity
#FedRateCutComing
667.27K Popularity
#PostonSquaretoEarn$50
59.85K Popularity
#BitcoinActivityPicksUp
15.62K Popularity
#CryptoMarketRebound
507.02K Popularity

Hot Gate FunView More

1
BUSDBUSD
MC:$3.79KHolders:3
0.93%
2
METAMETAMASK
MC:$3.65KHolders:2
0.00%
3
GAGTGATE
MC:$3.66KHolders:1
0.78%
4
GClockGClock
MC:$3.69KHolders:2
0.13%
5
SHITGENSHITGEN
MC:$3.69KHolders:3
0.53%

Sitemap