{"id":502218,"date":"2022-10-20T04:57:35","date_gmt":"2022-10-20T01:57:35","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/ethereum-alarm-clock-exploit-leads-to-260k-in-stolen-gas-fees-so-far\/"},"modified":"2022-10-20T04:57:35","modified_gmt":"2022-10-20T01:57:35","slug":"ethereum-alarm-clock-exploit-leads-to-260k-in-stolen-gas-fees-so-far","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/ethereum-alarm-clock-exploit-leads-to-260k-in-stolen-gas-fees-so-far\/","title":{"rendered":"# Ethereum Alarm Clock exploit leads to $260K in stolen gas fees so far"},"content":{"rendered":"<h1>Ethereum Alarm Clock exploit leads to $260K in stolen gas fees so far<\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTAvNTJiM2M2Y2QtNDMyYi00ZWYzLTg0ZGUtZGE0Y2VmMmRiMzAzLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-4b69a2fe>A bug in the smart contract code for the Ethereum Alarm Clock service has reportedly been exploited, with nearly $260,000 said to have been swiped from the protocol so far. <\/p>\n<p>The Ethereum Alarm Clock enables users to schedule future transactions by pre-determining the receiver address, sent amount, and desired time of transaction. Users must have the required Ether (ETH) on hand to complete the transaction and need to pay the gas fees upfront. <\/p>\n<p>According to an Oct. 19 Twitter post from blockchain security and data analytics firm PeckShield, hackers managed to exploit a loophole in the scheduled transaction process which allows them to make a profit on returned gas fees from canceled transactions. <\/p>\n<p>In simple terms, the attackers essentially called cancel functions on their Ethereum Alarm Clock contracts with inflated transaction fees. 
As the protocol dishes out a gas fee refund for canceled transactions, a bug in the smart contract has been refunding the hackers a greater value of gas fees than they initially paid, allowing them to pocket the difference. <\/p>\n<p>\u201cWe&#8217;ve confirmed an active exploit that makes use of huge gas price to game the TransactionRequestCore contract for reward at the cost of the original owner. In fact, the exploit pays 51% of the profit to the miner, hence this huge MEV-Boost reward,\u201d the firm wrote. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We&#8217;ve confirmed an active exploit that makes use of huge gas price to game the TransactionRequestCore contract for reward at the cost of original owner. In fact, the exploit pays the 51% of the profit to the miner, hence this huge MEV-Boost reward. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/7UAI0JFv72\">https:\/\/t.co\/7UAI0JFv72<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/De6QzFN472\">https:\/\/t.co\/De6QzFN472<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/iZahvC83Fp\">pic.twitter.com\/iZahvC83Fp<\/a><\/p>\n<p>\u2014 PeckShield Inc. 
(@peckshield) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/peckshield\/status\/1582756435955359744?ref_src=twsrc%5Etfw\">October 19, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nPeckShield added that, at the time, it had spotted 24 addresses which had been exploiting the bug to collect the supposed \u201crewards.\u201d<\/p>\n<p>Web3 security firm Supremacy Inc also provided an update a few hours later, pointing to Etherscan transaction history that showed the hacker(s) were so far able to swipe 204 ETH, worth roughly $259,800 at the time of writing. <\/p>\n<p>\u201cInteresting attack event, TransactionRequestCore contract is four years old, it belongs to ethereum-alarm-clock project, this project is seven years old, hackers actually found such old code to attack,\u201d the firm noted. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">2\/ The cancel function calculates the Transaction Fee (gas used * gas price) to be spent with the &#8220;gas used&#8221; over 85000 and transfers it to the caller. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/aXyad0oDPv\">pic.twitter.com\/aXyad0oDPv<\/a><\/p>\n<p>\u2014 Supremacy Inc. (@Supremacy_CA) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/Supremacy_CA\/status\/1582789436995010560?ref_src=twsrc%5Etfw\">October 19, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>As it stands, there has been a lack of updates on the topic to determine if the hack is ongoing, if the bug has been patched, or if the attack has concluded. This is a developing story and Cointelegraph will provide updates as it unfolds. 
<\/p>\n<p>Despite October generally being a month associated with bullish action, this month so far has been rife with hacks. According to a Chainalysis report from Oct. 13, there had already been $718 million stolen from hacks in October, making it the biggest month for hacking activity in 2022. <\/p>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/ethereum-alarm-clock-exploit-leads-to-260k-in-stolen-gas-fees-so-far\" target=\"_blank\" 
rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Ethereum Alarm Clock exploit leads to $260K in stolen gas fees so far &#8220; A bug in the smart contract code for the Ethereum Alarm Clock service has reportedly been exploited, with nearly $260,000 said to have been swiped from the protocol so far. The Ethereum Alarm Clock enables users to schedule future transactions&#8230;<\/p>\n","protected":false},"author":1,"featured_media":502219,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTAvNTJiM2M2Y2QtNDMyYi00ZWYzLTg0ZGUtZGE0Y2VmMmRiMzAzLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74894,74882,75434,70944],"class_list":["post-502218","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-blockchain","tag-hacks","tag-smart-contracts","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/502218","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=502218"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/502218\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/502219"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=502218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\
/en\/wp-json\/wp\/v2\/categories?post=502218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=502218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}