Another platform attacked using simple exploit scheme
PeckShield, one of the best-known blockchain security companies in the industry, has shared information about, perhaps, one of the biggest exploits by hackers recently. Today the victim is DeusDao, which is the “world’s leading decentralized bilateral OTC derivatives platform”, with $13.7 million in lost funds with possibly even more damage.
As the security firm suggests, the hack was possible thanks to the manipulation of the price oracle via flashloan. By manipulating the price oracle, hackers could borrow and drain the pool while not paying the corresponding collateral. As PeckShield suggested, the hack scheme was not new and had been used previously for exploiting other DeFi platforms.
PeckShield also outlined the exact four steps that allowed a hacker or group of hackers to steal the aforementioned funds. First, the hackers loaned $143 million USDC and exchanged it for 9.5 million DEIO using the sAMM-USDC/DEI_USDC_DEI pair, which made the DEI extremely expensive. With only 71,436 DEI in collateral, the hacker could borrow 17 million DEI through price manipulation and repay the flashloan, while leaving $13 million in hacking profits.
The whole exploit is possibly due to issues in the code that mess up the price oracle function responsible for proper price balancing.
As the post suggests, the initial 800 ETH that was used to initiate the hack process was withdrawn from the TornadoCash coin mixing solution and then sent to Fantom using multichain.
Following the successful hack, funds were sent back to Ethereum wallet ending in a37cb and then sent to TornadoCash once again in order to cover all tracks remaining after another hack. Most likely, the hack is tied to one of the hacker group who have repetedly attacked various DeFi and NFT projects since last month.
