Sunday , November 24 2024
Home / Crypto news / DeFi Hacks Continue: Decentralized Exchange DODO Exploited for up to $3.8M

DeFi Hacks Continue: Decentralized Exchange DODO Exploited for up to $3.8M

Summary:
The hacks and exploits on DeFi projects continue, and the latest victim to fall is the decentralized exchange platform – DODO. The attack targeted several V2 Crowdpools, and the stolen amount could go as high as .8 million.DODO Victimized by HackersThe decentralized finance sector is no stranger to malicious attacks and harmful exploits. The decentralized exchange and liquidity provider DODO is the latest to join the growing number of victims.As the first complaints occurred on Twitter, the project said that it had “temporarily disabled” the pool creation portal as a precautionary measure while promising that it’s working with security partners to recover the funds.Shortly after, the DODO team explained that the attack transpired on March 8th when the undisclosed hackers exploited

Topics:
Jordan Lyanchev considers the following as important: , , ,

This could be interesting, too:

Wayne Jones writes Charles Schwab to Launch Spot Crypto ETFs if Regulations Change

Wayne Jones writes Here’s When FTX Expects to Start Repaying Customers .5B

Dimitar Dzhondzhorov writes Is Cryptoqueen Ruja Ignatova Alive and Hiding in South Africa? (Report)

Wayne Jones writes Casa CEO Exposes Shocking Phishing Scam Targeting Wealthy Crypto Users

The hacks and exploits on DeFi projects continue, and the latest victim to fall is the decentralized exchange platform – DODO. The attack targeted several V2 Crowdpools, and the stolen amount could go as high as $3.8 million.

DODO Victimized by Hackers

The decentralized finance sector is no stranger to malicious attacks and harmful exploits. The decentralized exchange and liquidity provider DODO is the latest to join the growing number of victims.

As the first complaints occurred on Twitter, the project said that it had “temporarily disabled” the pool creation portal as a precautionary measure while promising that it’s working with security partners to recover the funds.

Shortly after, the DODO team explained that the attack transpired on March 8th when the undisclosed hackers exploited several V2 Crowdpool. Namely, those are WSZO, WCRES, ETHA, and FUSI. DODO managed to recover the funds in the AC pool while all remaining pools – all V1 and non-Crowdpool V2 – were safe.

As far as the total stolen amount goes, the project asserted that “approximately $3.8 million, of which $1.88 million is expected to be returned, was drained as a result of these exploits.”

The post reads that one of the attackers already contacted the project and “offered to send back the funds removed from DODO pools.”

DODO said that its V2 Crowdpool had a bug that allowed the hackers to target them successfully. It worked as follows:

The bad actor creates a counterfeit token and initializes the smart contract with it by calling the init() function, then calls the sync() function and sets the “reserve” variable (representing the total balance) to 0. He calls init() again to re-initialize, this time with a “real” token, and uses a flash loan to transfer all such coins from the pools and bypass the flash loan check.

DODO found two individuals working on the exploit and noted that it’s investigating the issue with several notable industry names, such as Binance Smart Chain’s team, 1inch Exchange, PeckShield, and SlowMist.

DODO Token’s Minor Value Drop

In other recent examples of DeFi exploits, the native cryptocurrency of the project plummeted in value somewhat immediately. This was the case with PAID Network as the PAID coin crashed by more than 80% in minutes.

However, the situation with DODO doesn’t seem all that harmful for the token as far. DODO, which saw the light of day as a part of the Binance Launchpool in February, traded at $4.3 approximately at the time when news broke that the DEX was exploited.

Although it’s in the red now, DODO’s drop is significantly less harmful as it has decreased by about 7% to $4.

You Might Also Like:

Leave a Reply

Your email address will not be published. Required fields are marked *