How the hacker stole the fund from this smart contract? The fund transfer was disabled

Last week someone stole the fund from the contract, The contract has no way to transfer fund directly, but somehow the hacker user emergencyfundtransfer to stole the fund.

This is the contract address in bscchain. 0x4d1A3e3172e0E76B417DC304a6855c67C5E21F6f

Now the owner of the contract has been changed, is there still chances to hack again?

Is getting private key of owner address would be enough to get access of the contract and stole fund?

The source code does not been verified, so I am not sure if there are other vulnerable issues.
Always test your contract before deploying.

2 Likes