The Web3 project faced a loss of USDT due to an unauthorized wallet address

AI Overview

According to BlockBeats, the Web3 startup project encountered an unauthorized transfer of hundreds of thousands of USDT due to a hard-coded authorized wallet address in the code of its smart contract. The incident was revealed by a member of the crypto community, Cat (@0xCat_Crypto). The suspicious contract code presented by the employee is under scrutiny, although the employee denies responsibility, claiming that the malicious code was automatically generated by an AI software assistant without thorough review. Currently, the ownership of the involved wallet and the identity of the code author remain unclear.

Cosine from SlowMist stated that preliminary investigations ruled out the possibility of generating malicious code with AI. The investigation used the Cursor and Claude 3.7 models, which showed that the automatically completed AI address did not match the involved malicious address. The malicious address was granted smart contract owner rights, leading to the complete transfer of the project's funds.