Slow Fog Cosine: If you have not received the Monad airdrop, it is recommended to check the airdrop receiving address, as there may be a suspected session hijacking vulnerability attack

According to Slow Mist's Yu Xian, some users may not have received the Monad airdrop and are advised to check whether the wallet address bound on the airdrop claim page claim.monad.xyz is the expected address.

Yu Xian stated that if the bound address is not what the user expected, they may have encountered a problem similar to that of user Onefly (@Onefly) — the wallet address was bound to a hacker's address, causing the official airdrop to be sent to the hacker. According to Yu Xian, a white hat hacker had previously synced a related vulnerability with him, which has a prerequisite: if someone hijacks the user's session on the Monad airdrop claim page, they can change the claim wallet address without further confirmation.