Blockchain security firm PeckShield said that a hacker who drained 30,437 OHM tokens (worth roughly $300,000) from an Olympus DAO smart contract earlier today has returned the funds to the DAO in two transactions.
According to PeckShield, the hacker exploited the failure of the contract’s “BondFixedExpiryTeller” to validate the transfer request correctly. The firm continued, “the associated OlympusDAO’s BondFixedExpiryTeller contract has a redeem() function that doesn’t correctly validate the input, leading to ~$292K loss.”
It appears the associated @OlympusDAO’s BondFixedExpiryTeller contract has a redeem() function that doesn’t correctly validate the input, leading to ~$292K loss. https://t.co/dkhC5Ex9sz https://t.co/ikidpLyBga pic.twitter.com/wu5tUrepS6
— PeckShield Inc. (@peckshield) October 21, 2022
The OlympusDAO team confirmed the exploit on its Discord channel, revealing that the attacker drained the funds from the OHM bond contract with Bond Protocol. The protocol also acknowledged that the bug was not discovered by its auditors, and that the attacker could have earned far more if he had reported it via Immunefi.
The team added that the more than $200 million staked on its platform was safe.
CryptoSlate had not received a response to its request for comment from OlympusDAO and Bond Protocol as of press time.
Meanwhile, the Olympus community has hailed the hacker for being a white hat.