The Metaverse platform MetaPoint experienced a hack on April 12 that cost the company almost $1 million. The hacker took 2,515 BNB in total, which is the currency used on the Metaverse platform. This attack highlights the importance of security and shows that even leading platforms are vulnerable to malicious activity.
As such, it is imperative for all platforms to ensure that they have robust security measures in place in order to protect their users from financial loss.
A flaw in the platform’s smart contract code allowed the perpetrators of the malicious activity to quickly and easily withdraw money from user accounts without their consent.
The Hack Expounded
The attack on the platform exploited a vulnerability in one of its smart contracts. When a user deposits funds, the transaction would initiate the creation of a new contract and deposit the assets into that instead. The existence of a specific function called “approve,” which allowed any caller to access the $META tokens without any restrictions, made this possible.
The problem, according to a security analyst who offered a comment on the matter, “lies in this function, as it essentially allows anyone with knowledge of its existence to gain access to these tokens without having to jump through any hoops or comply with any regulations.” Due to the system’s lack of protection, attackers could easily take advantage of it and access funds that did not belong to them.
Users have suffered significant financial losses as a result of this breach, which has also severely harmed the platform’s reputation. Unfortunately, there is no way for users who have lost funds to recoup their losses, as there is no insurance policy in place to cover them. The Metaverse team is currently working hard to restore confidence in their platform and improve security measures, but it will take time before people start trusting them again.
