OlympusDAO Suffers $300K Exploit; White Hat Hacker Returns All Funds
Yesterday, OlympusDAO users got a brief scare when a hacker stole 30,000 OHM tokens, worth $300K, and later gave the money back.
The hacker appears to be a white hat who exploited a flaw in the OHM Bonds smart contract to gain access to the new product.
The “BondFixedExpiryTeller contract contains a redeem() function that does not adequately validate the input,” according to PeckShield. The blockchain security firm noted, however, that the problematic smart contract was written by Bond Protocol.
Exploit Confirmed by OlympusDAO
OlympusDAO is a decentralized reserve currency protocol that launched last year. It recently started testing its OHM Bonds product. Following the exploit, the DAO informed members of the hack in the Discord server.
“This morning, an exploit occurred through which the attacker was able to withdraw roughly 30K OHM ($300K) from the OHM bond contract at Bond Protocol. This bug was not found by three auditors, nor by our internal code review, nor reported via our Immunefi bug bounty,” the announcement read.
The amount of funds affected was limited because of the staggered implementation, OlympusDAO added.
The sum taken is a small fraction of the $3.3 million bounty that the hacker might have received for disclosing the flaw.
Hacker Returns Stolen Funds
The OlympusDAO team did not have to wait long, as the hacker gave back all the money.
“Funds have been returned to the DAO wallet,” the DAO's community update states. “In the upcoming hours, we will discuss the OHM bond payment and our future plans.”
The hacker refused to say why he decided to return the money. Some have suggested, though, that he might have been drawing attention to the flaw.
Others assert that he might have returned the money because finding a bug carries a sizable payout.
Regardless, the hack shows that DeFi smart contracts remain vulnerable even as the technology advances.
October saw a record amount of cryptocurrency stolen from DeFi systems.
Mango Markets, Moola Market, BNB Chain, and TempleDAO were among the compromised protocols, from which hundreds of millions of dollars were stolen.
Annie
CoinCu News