According to Foresight News, CertiK's alert system has identified an exploit on the Base chain involving the Rebalancer contract at address 0x6a0b87d6b74f7d5c92722f6a11714dbeda9f3895. The attacker exploited a reentrancy vulnerability, resulting in a gain of 133.7 ETH, valued at approximately $501,000.
The analysis identifies the root cause as the contract's open() function, which permits any contract address to be supplied as pool.strategy. The attacker took advantage of this by supplying a malicious contract. During the execution of the burn function, the attacker was able to make a reentrant call, thereby acquiring an additional 50% of the ETH. The exploit highlights the need for robust security measures in smart contract development to prevent such vulnerabilities from being exploited in the future.
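The two controls that address the reported root cause, a strategy allowlist in open() and a reentrancy lock with state updated before the external call in burn(), can be modelled as follows. This is an added example, not the Rebalancer contract's code: the `Pool` class, the `on_burn` callback, both strategy classes and the deposit of 100 are constructed for illustration and do not reproduce the 50% figure reported above.

```python
class Pool:
    """Toy model: burn() pays out a position and calls its strategy (external code)."""
    def __init__(self, allowed=None, guard=False):
        self.allowed = allowed      # None = open() accepts any strategy, as reported
        self.guard = guard          # True = reentrancy lock + state update before the call
        self.positions = {}         # owner -> [strategy, balance]
        self.paid_out = 0
        self._locked = False

    def open(self, owner, strategy, deposit):
        if self.allowed is not None and strategy not in self.allowed:
            raise PermissionError("strategy not on allowlist")
        self.positions[owner] = [strategy, deposit]

    def burn(self, owner):
        if self.guard and self._locked:
            raise RuntimeError("reentrant burn rejected")
        self._locked = True
        try:
            strategy, balance = self.positions[owner]
            if self.guard:
                self.positions[owner][1] = 0   # effect before interaction
            strategy.on_burn(self, owner)      # untrusted code runs here
            self.paid_out += balance
            self.positions[owner][1] = 0       # too late if on_burn re-entered
        finally:
            self._locked = False

class PassiveStrategy:
    def on_burn(self, pool, owner):
        pass

class ReenteringStrategy:
    """Constructed test double: calls burn() again once from inside the callback."""
    def __init__(self):
        self.done = False
    def on_burn(self, pool, owner):
        if not self.done:
            self.done = True
            pool.burn(owner)

def run(pool, strategy, deposit=100):
    """Return total paid out, or the name of the exception that stopped the flow."""
    try:
        pool.open("user", strategy, deposit)
        pool.burn("user")
    except (PermissionError, RuntimeError) as exc:
        return type(exc).__name__
    return pool.paid_out
```

In the model, either control alone stops the double payout. On chain, the raised exception corresponds to a revert of the whole transaction.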