The latest “evil contract” exploit has netted an attacker over $14 million in stolen funds.
Furucombo, a tool designed to help users “batch” transactions and interactions with multiple decentralized finance (DeFi) protocols at once, fell victim to the attack at roughly 4:45 pm UTC, which centered on token approvals from users.