Preventing the attack
Last night, a vulnerability was discovered in a new version of the BancorNetwork v0.6 contract deployed on June 16 2020.
Any users who has traded with Bancor in the last 48hrs and given approvals to the Bancor contract, go to https://t.co/bCdpVtfPOC and revoke all approvals.
— Bancor (@Bancor) June 18, 2020
Early warning signs
#BaDAPProve: 3 months ago we @ZenGo warned about it. Today it happened @Bancor.https://t.co/j52C0DFg9y
"if the DApp is vulnerable to a security issue attackers can abuse these highly excessive privileges to steal ALL of the DApp’s users holdings" https://t.co/nvyLbbZkS5 pic.twitter.com/5FFnRzsqI6
— Tal Be'ery (@TalBeerySec) June 18, 2020