QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$28 000 USD
APRIL 2025
GLOBAL
UNKNOWN
DESCRIPTION OF EVENTS

The unverified smart contract was created on April 11th, 2025. It may be related to the Sola Token; however, this is unconfirmed.
Decompilation and analysis of the victim contract revealed that the withdrawToken() function had no access restrictions (no onlyOwner modifier and no require() checks), so any external address could call it and withdraw arbitrary tokens. Because the function was publicly callable, the attacker was able to drain tokens without authorization. The decompiled code showed no permission-gating logic within the function.
The smart contract reportedly allowed anyone to transfer tokens from it due to a lack of access control on the withdrawToken function.
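The missing check described above, shown as an added Solidity example rather than the victim contract's own code. The contract is unverified, so the withdrawToken() signature, the contract names and the single-owner model are assumptions; the unguarded form sits next to a version that restricts the caller.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC-20 surface needed for this example.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Pattern described in the write-up: no onlyOwner modifier and no require()
// on msg.sender, so any address can move any token the contract holds.
// Signature is assumed; the real contract's source is not published.
contract VulnerableVault {
    function withdrawToken(address token, address to, uint256 amount) external {
        IERC20(token).transfer(to, amount);
    }
}

// Hardened form: the owner is fixed at deployment and the caller is
// checked before any token leaves the contract.
contract HardenedVault {
    address public immutable owner;

    event TokenWithdrawn(address indexed token, address indexed to, uint256 amount);

    error NotOwner(address caller);
    error TransferFailed();

    constructor() {
        owner = msg.sender;
    }

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner(msg.sender);
        _;
    }

    function withdrawToken(address token, address to, uint256 amount) external onlyOwner {
        // Check the return value: a token that returns false instead of
        // reverting would otherwise fail silently. Tokens that return no
        // value at all need a wrapper such as OpenZeppelin's SafeERC20.
        if (!IERC20(token).transfer(to, amount)) revert TransferFailed();
        emit TokenWithdrawn(token, to, amount);
    }
}
```

The emitted event gives monitoring a record of every withdrawal, and the NotOwner revert makes unauthorized call attempts visible in failed-transaction traces.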
On April 12, 2025, an unverified smart contract at address 0x623c was exploited due to a critical lack of access control, resulting in a loss of approximately $28,000.
The attacker initiated the exploit by sending 0.4 BNB to their own malicious contract at 0xD306.... They then assessed the Sola Token balance in the victim contract and calculated how much USDT could be obtained by swapping it. Utilizing the swap() function from PancakePair 0xdf9, the attacker initiated a flash swap, receiving 23,235 USDT upfront for 2,143,036 SOLA—before the SOLA was actually transferred to the liquidity pool.
To complete the swap and repay the protocol, the attacker then called the withdrawToken() function from the victim contract (0x623c...), which transferred the owed SOLA tokens to the swap pair. This allowed the swap to be finalized successfully without the attacker ever owning the SOLA tokens beforehand. The attacker repeated this process with another Sola token (0xef7), extracting 8.92 WBNB in a similar manner.
Contract Address: 0x623c1c6693e1425a7E691a0FF5C256Cb276522CA
This attack was part of a broader pattern by a repeat offender who had previously targeted Gemcy, OPC, and AIRWA, stealing around $181,000. A subsequent fifth exploit occurred on April 23, 2025, against ACB. The April 12 exploit targeted the Sola Token and used a malicious contract to abuse a vulnerable withdrawal function.
TenArmor reports that the loss is approximately $28.1k.
It's unclear if there was any reaction from the team behind this unverified smart contract.
The incident was reported on by TenArmor.
There is no indication that funds have been recovered in this case.
It is unclear if any investigation or potential recovery is ongoing.
An unverified smart contract at address 0x623c—possibly linked to the Sola Token—was exploited due to a critical lack of access control on its withdrawToken() function, allowing anyone to transfer tokens from it. The attacker used a malicious contract and flash swap via PancakePair to obtain over 23,000 USDT and later repeated the process with another Sola token to extract 8.92 WBNB, leading to a total loss of approximately $28.1k. This marked the fourth in a series of similar attacks by a repeat offender, with no indication of recovery or ongoing investigation.
TenArmor - "Our system has detected a suspicious attack involving an unverified contract 0x623c1c6693e1425a7E691a0FF5C256Cb276522CA on #BSC, resulting in an approximately loss of $28.1K." - Twitter/X (Aug 6)
The attack transaction on the Binance Smart Chain. (Aug 6)
Sola Incident Analysis - CertiK (Aug 6)
Week 15, 2025 - BlockThreat (Aug 6)
Week 20, 2025 - BlockThreat (Aug 6)
Unverified Smart Contract - BSCScan (Aug 6)
Binance Transaction Hash: 0x7d61611946... | BscScan (Aug 6)
