Backward Labs

13 posts

Backward Labs banner
Backward Labs

Backward Labs

@backwardlabs

Every EVM exploit, shipped within 1 hour.

Katılım Ocak 2026
57 Takip Edilen23 Takipçiler
Backward Labs
Backward Labs@backwardlabs·
[Backlight Initial Analysis] 🚨 Backedfi exploit on Ethereum Tx: 0xe2320086b2815d21b0927839bd0e306466c29a68d38d5361e99dd21ec5472612 🕒 Occurred: 2026-07-01 00:24 UTC 💥 Impact: approximately ~$204.1K 🔎 Root cause: Medium-confidence RCA points to pool borrow validation accepted ERC4626 wrapper collateral whose spot share value was manipulable in the same transaction. What happened: An attacker-controlled setup interacted with a Backedfi protocol path. The protocol assumption under review is that validation and accounting checks would keep the state bounded. The economic PoC reproduced the observed value movement at incident scale. Need more detail? Check our repo and analysis thread below ↓ 🧵
Backward Labs tweet media
English
1
1
1
117
Backward Labs
Backward Labs@backwardlabs·
[Backlight Verified Incident] 🚨 Vault4626 exploit on Base Tx: 0x2f2e12fbdf541c28f3667153e5338f73a313096338dc5ca592453566debcd790 🕒 Occurred: 2026-06-29 04:14 UTC 💥 Impact: approximately ~$21.9K 🔎 Root cause: Vault redeem double-counts non-asset value by paying USDC-equivalent TVL and WETH separately What happened: An attacker-controlled setup interacted with a Vault4626 protocol path. The protocol assumption under review is that validation and accounting checks would keep the state bounded. The economic PoC reproduced the observed value movement at incident scale. Need more detail? Check our repo and analysis thread below ↓ 🧵
Backward Labs tweet media
English
1
0
1
144
Backward Labs
Backward Labs@backwardlabs·
[Backlight Verified Incident] 🚨 Dlmc exploit on BSC Tx: 0x151025d3f0a782340a74d30ef33a5fad044b838e74437a803f0652e70c231306 🕒 Occurred: 2026-06-24 11:15 UTC 💥 Impact: approximately 222560.221693222099016479 USDT 🔎 Root cause: A pricing/accounting mismatch in the Dlmc market settlement path let payouts exceed the checked reserve state. What happened: An attacker-controlled setup repeatedly interacted with a Dlmc market path. The protocol assumption under review is that settlement accounting would keep USDT payouts bounded by market reserves. That mismatch let USDT leave the market reserve, and the economic PoC reproduced the observed loss scale. Need more detail? Check our repo and analysis thread below ↓ 🧵
Backward Labs tweet media
English
1
0
0
105
Backward Labs
Backward Labs@backwardlabs·
[Backlight Verified Incident] 🚨 Pnacakeswap V2 exploit on BSC Tx: 0x8dabb60a94e5124462e5f494a25c14bcd52f6f4d1f7c665a249496f4c6c24764 🕒 Occurred: 2026-06-20 11:31 UTC 💥 Impact: approximately 1115903.663412131721557252 USDT 🔎 Root cause: OLPC pair-out transfer branch lets skim trigger amplified pair-balance burns What happened: An attacker-controlled setup interacted with a Pnacakeswap V2 protocol path. The protocol assumption under review is that validation and accounting checks would keep the state bounded. The economic PoC reproduced the observed value movement at incident scale. Need more detail? Check our repo and analysis thread below ↓ 🧵
Backward Labs tweet media
English
1
0
2
146
Backward Labs
Backward Labs@backwardlabs·
[Backlight Verified Incident] Protocol: Pancakeswap_v2 Chain: bsc Tx: 0x8dabb60a94e5124462e5f494a25c14bcd52f6f4d1f7c665a249496f4c6c24764 Impact: - Victim/staking contract lost 108753.775731175923 USDT - Victim/staking contract gained 195.568340183655 WBNB Root cause: - OLPCToken._update burns value * decimalsValue whenever from == swapPair and the recipient is not tax-exempt, then sets the actual transfer value to zero. PancakePair.skim() can be called publicly to request transfer of Artifacts: - Report: github.com/BackwardLabs/Q… - PoC: github.com/BackwardLabs/Q… Flow: - Attacker entry created tx-local helper contracts. - Helpers repeatedly called OLPC transfer -> PancakePair.skim(address) -> PancakePair.sync(). Attacker CA: - Attack contract: 0x18d6c39ae9e537f948aa2212d44d8c23944fc188 - Attacker EOA: 0x18d6c39ae9e537f948aa2212d44d8c23944fc188
English
0
1
1
222
Backward Labs
Backward Labs@backwardlabs·
we are building real-time exploit intelligence for the EVM ecosystem. Our mission is to reduce the time between an exploit transaction and a usable root-cause explanation. When an attack happens, the ecosystem should not wait days for fragmented postmortems. Protocol teams, auditors, responders, and researchers need fast, evidence-grounded analysis that explains what the attacker executed, why it worked, and which invariant failed. We reconstruct exploit execution meaning within one hour across EVM-compatible chains and turn raw on-chain activity into actionable RCA.
English
1
0
4
362