White hat hacker returns $300k gained from OlympusDAO exploit

Must read

CryptoSlate Wrapped Daily: Bitcoin worth $1.5B leaves Coinbase; Mid-cap tokens outperform Bitcoin

CryptoSlate Wrapped Daily: Bitcoin worth $1.5B leaves Coinbase; Mid-cap tokens outperform Bitcoin Christian Nwobodo · 3 hours ago · 3...

Bahamas Securities Commission calls FTX CEO John Ray’s allegations inaccurate; says its actions were ‘misinterpreted’

Bahamas Securities Commission calls FTX CEO John Ray’s allegations inaccurate; says its actions were ‘misinterpreted’ Oluwapelumi Adejumo · 5 hours ago...

Glassnode and CryptoSlate Deep Dive: How a cold winter is impacting Bitcoin miners and why the fear has just begun – Issue 01

Glassnode Special OfferExplore all the live charts covered in this report in Glassnode Studio. ⚡Special offer⚡For a limited time, you can save 40% on a...

Huobi Token continues run of strong form, up 64% since bottoming

Huobi Token continues run of strong form, up 64% since bottoming Samuel Wan · 4 hours ago · 2 min...

White hat hacker returns $300k gained from OlympusDAO exploit White hat hacker returns $300k gained from OlympusDAO exploit Oluwapelumi Adejumo · 21 hours ago · 1 min read

The hacker had exploited the contract’s “BondFixedExpiryTeller,” inability to validate the transfer request properly.

1 min read

Updated: October 21, 2022 at 5:58 pm

White hat hacker returns $300k gained from OlympusDAO exploit

Cover art/illustration via CryptoSlate

Xeggex

Blockchain security firm Peckshield said that a hacker who exploited 30,437 OHM tokens (worth roughly $300,000) from an Olympus DAO’s smart contract earlier today has returned the funds to the DAO in two transactions.

According to Peckshield, the hacker exploited the contract’s “BondFixedExpiryTeller,” inability to validate the transfer request properly. The firm continued, “the related OlympusDAO’s BondFixedExpiryTeller contract has a redeem() function that does not properly validate the input, resulting in ~$292K loss.”

It seems the related @OlympusDAO‘s BondFixedExpiryTeller contract has a redeem() function that does not properly validate the input, resulting in ~$292K loss. https://t.co/dkhC5Ex9sz https://t.co/ikidpLyBga pic.twitter.com/wu5tUrepS6

— PeckShield Inc. (@peckshield) October 21, 2022

The OlympusDAO team confirmed the exploit on its Discord channel, revealing that the attacker drained the funds from the OHM bond contract with Bond Protocol. The protocol also stated that the bug was not found by its auditors, and the attacker could have earned much more if he had reported it via Immunefi.

The team continued that the over $200 million staked on its platform were safe.

CryptoSlate did not get a response to its request for comment from OlympusDAO and Bond Protocol as of press time.

Meanwhile, the Olympus community has hailed the hacker for being a white hat.

More articles

Latest article

CryptoSlate Wrapped Daily: Bitcoin worth $1.5B leaves Coinbase; Mid-cap tokens outperform Bitcoin

CryptoSlate Wrapped Daily: Bitcoin worth $1.5B leaves Coinbase; Mid-cap tokens outperform Bitcoin Christian Nwobodo · 3 hours ago · 3...

Bahamas Securities Commission calls FTX CEO John Ray’s allegations inaccurate; says its actions were ‘misinterpreted’

Bahamas Securities Commission calls FTX CEO John Ray’s allegations inaccurate; says its actions were ‘misinterpreted’ Oluwapelumi Adejumo · 5 hours ago...

Glassnode and CryptoSlate Deep Dive: How a cold winter is impacting Bitcoin miners and why the fear has just begun – Issue 01

Glassnode Special OfferExplore all the live charts covered in this report in Glassnode Studio. ⚡Special offer⚡For a limited time, you can save 40% on a...

Huobi Token continues run of strong form, up 64% since bottoming

Huobi Token continues run of strong form, up 64% since bottoming Samuel Wan · 4 hours ago · 2 min...