Port3 Network Security Vulnerability: Price Almost Dropped to Zero

This morning, Port3 Network fell victim to a cyber attack, with the PORT3 price dropping by more than 99%, nearly reaching zero. The hack occurred due to a critical vulnerability in the network's smart contract.

According to on-chain data, the attacker exploited a validation error in the contract to successfully mint a total of 1 billion PORT3. In the process, the attacker released a large portion of the minted tokens into the market, leading to a drop in the price of over 80%. The liquidity withdrawal caused the selling pressure to decrease after some time; however, a severe crash in the valuation of PORT3 was experienced.

It was revealed that the attack originated from a boundary condition validation flaw in the cross-chain token solution called CATERC20, used by Port3. Previously, Port3 had loosened ownership controls to enhance decentralization. This situation, combined with the faulty ownership control, provided the attacker with unauthorized token minting capabilities.

This unaddressed vulnerability in audit reports resulted in a total of 10 billion tokens being minted. The attacker initially produced hundreds of millions of PORT3 tokens, earning thousands of Binance Coin (BNB), and then burned approximately 830 million PORT3 tokens to eliminate them.

In response to the attack, the Port3 team announced a comprehensive plan to protect users through a swift intervention. All affected users will receive new tokens at a 1:1 ratio. The new PORT3 will only be distributed on the BNB Chain, and the liquidity on the Ethereum side will be completely transferred to this network. Additionally, to protect the total supply, 162 million 750 thousand PORT3 will be burned, aiming to eliminate the extra supply created by the attacker.

The distribution of new tokens will be carried out using a multi-address transfer method on-chain. The migration process for centralized exchanges is currently in the approval stage. A snapshot was taken immediately after the attack, during which Foresight News and PANews confirmed that the technical details of the attack were clarified and that the team had fully closed this vulnerability in the new contract.

The Port3 team stated that it is now impossible for the attacker to mint tokens through the new contract. How will investor confidence be established following the price drop? The protection of the supply, the promise to compensate user losses, and the clear identification of the source of the attack may support short-term confidence. However, the project's market position in the medium and long term will depend on the seamless implementation of the new contract and the team's ability to maintain transparent communication.