SNEAK PEEK
- The hacker who stole $300,000 in cryptocurrency from OlympusDAO has returned it.
- The hacker used a smart contract linked to the project’s bond functionalities in the initial attack.
- This month, OlympusDAO was one of the numerous DeFi portals targeted in attacks totaling $718 million.
A decentralized reserve currency protocol known as OlympusDAO is supported by 120,000 holders who collectively own assets worth $260 million at present. It enables users to interact with the protocol via staking and bonding, the latter of which includes exchanging tokens for OHM at a discount.
It seems the related @OlympusDAO‘s BondFixedExpiryTeller contract has a redeem() function that does not properly validate the input, resulting in ~$292K loss. https://t.co/dkhC5Ex9sz https://t.co/ikidpLyBga pic.twitter.com/wu5tUrepS6
— PeckShield Inc. (@peckshield) October 21, 2022
But OlympusDAO is the unfortunate example of a cryptocurrency cyberattack after a thief made off with 30,000 OHM tokens, which are worth about $300,000. In the initial theft, 30,437 OHM were taken from OlympusDAO’s smart contracts by the attacker. However, all of OlympusDAO’s money that was stolen has been recovered.
The funds are now returned back to the @OlympusDAO : DAO Funds in the following two txs: https://t.co/Hc754qRvlU https://t.co/04EAnQe1Qh
— PeckShield Inc. (@peckshield) October 21, 2022
The bond contract known as BondFixedExpiryTeller was the target of the attacker. PeckShield asserts that one of the contract’s functions improperly validated inputs, permitting the attacker to enter erroneous values and transfer money.
In accordance with Peckshield, the impacted contract was not an original OlympusDAO contract. Instead, a Bond Protocol smart contract was utilized to test the viability of OHM bonds. The attack today appears to have had little impact on OlympusDAO’s OHM token, which has a value of $9.94 at the moment.
A spokesperson for OlympusDAO claims that the perpetrator of the theft reached a deal and then returned all of the funds to the project. Mango Markets, TempleDAO, BNB Chain, and Moola Market are just a few of the DeFi platforms that have been the target of attacks in October. According to Chainalysis data, this month alone has seen thefts of at least $718 million.