HashDit says Corezcat and GameStopfun drained about $93K after both token contracts overrode ERC-20 balanceOf() and routed balance reads to external contracts. The external logic let the attacker fake pool and hack-contract balances, execute the rug, and leave the stolen funds in the attacker wallets.

TLDR by @Benthic

Explore the topic

More on Rug

Comments