Blockchain Security Firm Reveals FOOMCASH Imitation Attack Resulting in Over $2M Loss

Security Firm Uncovers Imitation Attack on FOOMCASH Contracts

According to the latest monitoring data from blockchain security firm BlockSec, the FOOMCASH contracts on Base and Ethereum networks recently suffered from imitation attacks. Attackers exploited misconfigured verification keys to forge zkSNARK proofs, successfully bypassing contract validation mechanisms.

Attack Method Mirrors Previous VeilCash Vulnerability

The technique used in the attack closely resembles the security flaw previously exploited in VeilCash. By manipulating the incorrectly configured verification system, attackers forged zero-knowledge proofs to extract funds illegally.

Losses Reach $2.26M, Some Transactions Suspected as White-Hat Actions

A single attack transaction on the Base chain resulted in a loss of approximately $427,000, while transactions involving around $1.83 million on Ethereum are suspected to be white-hat operations aimed at rescuing assets and preventing further theft.

• Attack occurred across both Base and Ethereum networks
• zkSNARK validation flaw exploited
• Total loss approximately $2.26 million
• Some transactions likely white-hat intervention

Project teams have yet to publicly respond, and security teams continue to track the attacker's fund movements.