Hacks Analyses
1. Euler Finance | Amount Lost: $197M
The attacker used a flash loan to borrow DAI and leveraged Euler Protocol to borrow eDAI and dDAI. By exploiting a vulnerability in the donateToReserves function, the attacker was able to initiate the liquidation process and profit from it. The vulnerability was due to the missing checkLiquidity step in the donateToReserves function, allowing users to enter a state of liquidation and complete the liquidation process.
Olympix has developed a tool to protect against flash loan attacks resulting from missing check vulnerabilities. These vulnerabilities and resulting attack vectors have become increasingly common and dangerous throughout the defi ecosystem. The Olympix tool uses static code analysis, traditional statistics, and AI to detect anomalies throughout the code base by comparing the code base against itself.
2. Sentiment Protocol | Amount Lost: $1M
An attack on Sentiment Protocol resulted in the loss of almost $1 million worth of various tokens and stablecoins. The attacker borrowed 606 WBTC, 10,050 WETH, and 18 million USDC using a flash loan, and deposited these tokens into the Balancer pool on Sentiment. The attacker exploited a reentrancy vulnerability during the exitPool function to transfer back the deposited tokens to their account, which decreased the pool token's total supply but token balance state remained the same. The exploit contract recursively borrowed assets using the inflated price of the pool token as collateral. Sentiment is continuing to investigate the attack and has implemented a fix to address the vulnerability exploited in the attack.
3. Poolz Finance | Amount Lost: $500K
The attacker used a vulnerability in the smart contract by invoking the CreateMassPools() method and causing an overflow in the array using the GetArraySum() method. This allowed the attacker to use the TransferInToken() function to establish liquidity in the pool and withdraw the gained tokens using the withdraw feature.
4. Safemoon | Amount Lost: $8.9M
The hacker exploited a public burn()* function in the Safemoon contract, which allowed any user to burn tokens from any other address. This function was used to remove SFM tokens from the liquidity pool, raising their price artificially and allowing the attacker to sell them back to the pool at a profit.
*A burn() function allows the destruction of tokens or coins that exist on a blockchain. When tokens are "burned", they are permanently removed from circulation, decreasing total supply of the token.
5. Hedera | Amount Lost: $515K
An attacker used a suspicious address to deploy a malicious contract that stole assets from various pools. The attack was on Hedera's mainnet Smart Contract Service code, which resulted in the transfer of Hedera Token Service tokens from victims' accounts to the attacker's account. The targeted accounts were on multiple decentralized exchanges that used Uniswap v2-derived contract code, including Pangolin, SaucerSwapLabs, and HeliSwap_DEX.
Explore
Olympix Announcements
We are excited to share new updates about the Olympix tool;
- Our tool now utilizes a combination of static code analysis, traditional statistics, and AI to identify anomalies in the code base by performing comparisons against itself, which helps safeguard against flash loan attacks caused by missing check vulnerabilities. This feature is accessible through an API call.
- Olympix can detect if a contract is an upgradable or proxy, allowing for more curated and accurate results.
- We've added additional patching capabilities to quickly fix vulnerabilities.
Interested in learning more about Olympix?
Here are some links to get you started:
- - Our website where you can sign up to join our Beta / Discord
- - Get updates on exploits, product updates
- - Newsletter #1, subscribe for more.
Also published