A hacker who stole 30,437 OHM tokens (worth about $300,000) from an Olympus DAO’s smart contract earlier today has returned the money to the DAO in two transactions, according to blockchain security company Peckshield, Cryptoslate informed.
Cryptoslate further informed that Peckshield claimed that the hacker took advantage of the contract’s “BondFixedExpiryTeller’s” incapacity to properly authenticate the transfer request. The associated OlympusDAO’s BondFixedExpiryTeller contract includes a redeem() function that does not correctly check the input, resulting in a loss of about $292,000, the company continued.
On its Discord channel, the OlympusDAO team said that it had discovered the issue, revealing that the attacker had syphoned off money from the OHM bond contract with Bond Protocol. According to the protocol, the auditors of the company did not discover the bug, and the attacker could have made considerably more money if he had disclosed it to Immunefi. The team went on to say that the more than $200 million bets on its platform were secure. OlympusDAO and Bond Protocol have not yet responded to CryptoSlate’s request for comment as of the time of publication, Cryptoslate further informed.
(With insights from Cryptoslate)
Also Read: Hackers take control of cryptocurrency-based Gate.io’s Twitter handle to promote a fake giveaway
Follow us on Twitter, Facebook, LinkedIn
