UFBI News: SUSHI RouteProcessor2 is confirmed to be under attack. Hackers can construct token transfers through the callback uniswapV3SwapCallback function. The fundamental reason is that ProcessRoute does not perform any checks on the route parameters passed in by users, causing attackers to use this problem to construct malicious route parameters to make the contract The pool being read was created by the attacker.
