OlympusDAO Loses $300K, White Hat Hacker Returns All Funds



Users of OlympusDAO had a brief scare yesterday. aA hacker tampered with 30,000 OHM tokens, equivalent to $300K, and then returned the funds.

The hacker, appears to be a white hat. The new product, OHM Bonds for Smart Contracts took advantage of a bug.

According to peckshield, it appears that “The BondFixedExpiryTeller contract contains a redeem() function that does not properly validate input.” However, the blockchain security firm clarified that the Bond protocol wrote the affected smart contract.

OlympusDAO confirms exploit

OlympusDAO is a decentralized reserve currency protocol that was launched last year. It has recently started testing its OHM bond product. Following the exploit, The DAO informed members about the hack in Discord servers.

“This morning, an exploit occurred through which the attacker was able to extract approximately 30K OHM ($300K) from an OHM bond contract in the bond protocol. This bug was not found by the three auditors, nor by our internal code review, and Nor was it reported through our Immunefi bug bounty,” the announcement read.

OlympusDAO said the affected funds were limited due to the phased rollout.

The amount stolen is only a fraction of the $3.3 million bounty that hackers could have claimed if they had reported the exploit.

At the time, the DAO team said it had closed the affected markets and was now looking for ways to compensate the affected users.

hacker returned the stolen money

Meanwhile, the OlympusDAO team didn’t have to wait long as the hacker returned all the funds.

The DAO community update reads, “The funds have been returned to the DAO Wallet. We will communicate OHM bond payments and plans to proceed in the coming hours.”

The hacker did not explain why he chose to return the funds. However, some people have assumed that he is drawing attention to the bug.

Others say that he may have returned the money because of the hefty reward associated with discovering the bug.

Even as the technology is improving, the hack underscores the vulnerability of DeFi smart contracts.

The crypto space saw a record theft of cryptocurrencies from the DeFi platform in October.

Some of the affected protocols include Mango Markets, Moola Markets, BNB Chain and TempleDAO, which have been exploited in the millions.

be for[In]Latest Bitcoin (BTC) Analysis of Crypto, Click Here

Disclaimer

All information contained on our website is published in good faith and for general information purposes only. Any action taken by readers on information found on our website is strictly at their own risk.





Source link

Leave a Comment