Liquidator can seize more tokens than the borrower has as collateral, leading to an arithmetic underflow and locking collateral.

Lines of code Vulnerability details Impact Lack of validation on seizeTokens could allow collateral locking by underflow. Proof of Concept The liquidateBorrowFresh function does not explicitly validate that seizeTokens is less than or equal to accountTokensborrower before transferring tokens from...

LienToken: Lender and liquidator can collude to block auction and seize collateral

Lines of code Vulnerability details If a lender offers a loan denominated in an ERC20 token that blocks transfers to certain addresses for example, the USDT and USDC blocklist, they may collude with a liquidator or act as the liquidator themselves to prevent loan payments, block all bids in the...

[WP-H4] The collateral assets impounded with settleBadDebt() will be frozen in the insuranceFund contract

Lines of code Vulnerability details In MarginAccount.solsettleBadDebt, the collateral assets will be seized and transferred to the insuranceFund contract. However, there is no way for the liquidity providers of the insuranceFund to get back the collateral assets. In the current implementation,...

Authorities seize 15 popular DDoS-for-hire websites

By Waqas Authorities have seized and shut down 15 popular DDoS-for-hire websites used by cybercriminals for revenge and DDoS distributed denial of service attacks on private individuals as well as businesses including online gaming giants, email service providers and hosting sites. The operation...

Authorities bust world’s largest DDoS-for-hire service & seize its domain

By Waqas In a large-scale joint operation called "Operation Power Off", the This is a post from HackRead.com Read the original post: Authorities bust world's largest DDoS-for-hire service & seize its domain...