Zora Claim Contract Exploited: $128k in ZORA Tokens Stolen

Posted: 2025-04-24 19:38:09 UTC

@Blockaidblockaid_

#Exploit

#SecurityBreach

#DeFi

#Zora

#0xProject

Heads Up!

This article contains some claims that are falsified. While not everything in the article is false, please proceed with extreme caution and verify any critical information independently.

Full Thread

This article contains some claims that are falsified. While not everything in the article is false, please proceed with extreme caution and verify any critical information independently.

Heads Up!

Verification Details

Status

In Progress

VerifiedPartially VerifiedFalse

Last Updated

2025-04-24 19:38:56 UTC

Verified By

Rollup News

TL;DR;

An attacker exploited the Zora claim contract for 0xProject's allocation, resulting in the theft of $128k in ZORA tokens. The attacker manipulated the execute function to claim ZORA tokens allocated to 0x, subsequently trading them for ETH and bridging them to Ethereum.

Key Impact Areas

Exploit of Zora claim contract

Theft of $128k in ZORA tokens

Attacker manipulation of execute function

Token bridging from Base to Ethereum

Challenges

Vulnerability in Zora claim contract

Attacker's ability to manipulate the execute function

Permissionless nature of the contract allowing arbitrary calls

Zora Claim Contract Exploited: $128k in ZORA Tokens Stolen

Heads Up!

Full Thread

Heads Up!

Verification Details

TL;DR;

Key Impact Areas

Challenges

Claims

Deliberation Map

Similar Rollups