Port3 Network Security Vulnerability: Price Almost Dropped to Zero

This morning, Port3 Network became the target of cyber attackers, and the PORT3 price dropped by over 99%, nearly reaching zero. The hack occurred due to a critical vulnerability in the network's smart contract.

According to on-chain data, the attacker successfully minted a total of 1 billion PORT3 by exploiting a validation error in the contract. During this process, the attacker released a large portion of the minted tokens onto the market, resulting in a price drop of over 80%. The withdrawal of liquidity eventually led to a decrease in selling pressure, but there was a sharp decline in the valuation of PORT3.

It was revealed that the attack stemmed from a boundary condition validation vulnerability in the CATERC20 cross-chain token solution used by Port3. Previously, Port3 had loosened ownership controls to enhance decentralization. This situation, when combined with faulty ownership checks, granted the attacker unauthorized token minting capabilities.

This vulnerability, not detected in the audit reports, led to the minting of a total of 10 billion tokens. The attacker initially generated hundreds of millions of PORT3 to earn thousands of Binance Coin (BNB) and then burned approximately 830 million PORT3 tokens in their possession.

Following the attack, the Port3 team announced a comprehensive plan to protect users with a swift intervention. All affected users will receive new tokens at a 1:1 ratio. The new PORT3 will only be distributed on the BNB Chain, and the liquidity on the Ethereum side will be completely transferred to this network. Additionally, to preserve the total supply, 162 million 750 thousand PORT3 will be burned. This action aims to eliminate the additional supply created by the attacker.

The distribution of the new tokens will be conducted using a multi-address transfer method on-chain. The migration process for centralized exchanges is currently in the approval phase. A snapshot was taken immediately after the attack, during which Foresight News and PANews confirmed that the technical details of the attack were clarified and that the team fully addressed this vulnerability in the new contract.

The Port3 team stated that it is now impossible for the attacker to mint tokens through the new contract. How will investor confidence be established after the price drop? The preservation of supply, the commitment to compensate user losses, and the clear identification of the attack source may support short-term confidence. However, the project's market position in the medium and long term will depend on the smooth implementation of the new contract and the team's continued transparent communication.