According to Fairyproof’s real-time decection system, on April 8, 2023, Polygon deployed token MOM was exploited due to a vulnerability in its implementation.

When the “claim” function of the its Farm contract deployed at 0xab13595b646b5b0ced929bc0ea335ec1ff7efba4 was called, if the tokenId parameter was assigned with 0, a huge quantity of the tokens could be claimed.

The caller passed a number of 40 zeros to “_tokenIds” and then claimed 4.03 million tokens. These tokens were dumped into its token pair on Uniswap V3.

Crypto assets worth more than US $185,000 were exploited in this incident.

According to Fairyproof’s real-time decection system, on April 8, 2023, Polygon deployed token MOM was exploited due to a vulnerability in its implementation.

When the “claim” function of the its Farm contract deployed at 0xab13595b646b5b0ced929bc0ea335ec1ff7efba4 was called, if the tokenId parameter was assigned with 0, a huge quantity of the tokens could be claimed.

Here is a transaction that claimed the tokens:

From the screenshot we can see that the caller passed a number of 40 zeros to “_tokenIds” and then claimed 4.03 million tokens. These tokens were dumped into its token pair on Uniswap V3.

Crypto assets worth more than US $185,000 were exploited in this incident.