DeFi building block service Furucombo exploited for $14M
Furucombo, a drag and drop tool for users to create DeFi transactions, has been exploited.
The exploiter has stolen roughly $14M in ETH and ERC-20 tokens. According to The Block Research's Igor Igamberdiev, the exploiter used a fake contract to trick Furuсombo into thinking that Aave v2 had a new implementation and used this contract to transfer all approved tokens from Furucombo into their wallet.
According to a tweet from Furucombo, the project "believe" that the vulnerability has been patched and is "working on the next steps and will update our community as soon as we can."