Verichains Weekly Security Digest | June 2023 Week 5
In this week's Digest, the DeFi market lost over $1,800,000. Attackers exploited business logic flaws, missing permission checks, reflection-token accounting, flash-loan exchange-rate manipulation, malicious governance proposals, and price manipulation.
🚨Project: MIM
⛓️Chain: ETH
💥Type: Business Logic Flaw
💸Loss amount: $17,000
A DeFi project called MIM was exploited for $17,000 because the swap() function of its ZeroXStargateLPSwapper contract could be called to swap USDT into MIM tokens with the attacker as the recipient. The exploit transaction was detected nearly two minutes before it was executed.
🚨Project: AraBlocks
⛓️Chain: BSC
💥Type: Missing Permission Check
💸Loss amount: $125,000
AraBlocks was exploited last week for $125,000 because a swap contract let anyone spend tokens that a victim had approved to it. The attacker borrowed USDT, converted the victim's ARA tokens into USDT, manipulated the ARA price, forced the victim to buy ARA back at the inflated price, and then repaid the borrowed USDT, netting an estimated $125,000.
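The MIM swap() issue and the AraBlocks case above both reduce to a swap function that does not tie who pays, or who gets paid, to msg.sender. The following added example, which is not code from either project or from Verichains, models that pattern in Python with a minimal ERC-20 allowance; the contract names, balances and the 2:1 swap rate are assumptions. The vulnerable swap() pulls from any payer that approved the contract and pays a caller-chosen recipient; the hardened version only lets the caller spend its own allowance.

```python
# Added example (Python model, not MIM, AraBlocks or Verichains code): an ERC-20
# allowance plus a swap helper whose swap() trusts a caller-supplied payer.
# Names, balances and the 2:1 swap rate are assumptions.


class ERC20:
    """Minimal token ledger with approve/transferFrom semantics."""

    def __init__(self, name, balances):
        self.name = name
        self.balances = dict(balances)
        self.allowance = {}  # (owner, spender) -> remaining allowance

    def approve(self, owner, spender, amount):
        self.allowance[(owner, spender)] = amount

    def transfer(self, sender, to, amount):
        if self.balances.get(sender, 0) < amount:
            raise ValueError(f"{sender} lacks {amount} {self.name}")
        self.balances[sender] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount

    def transfer_from(self, spender, owner, to, amount):
        # Only the allowance is checked: the token cannot know who asked
        # `spender` (the swap contract) to move `owner`'s funds.
        allowed = self.allowance.get((owner, spender), 0)
        if allowed < amount:
            raise PermissionError(f"{spender} may not move {amount} {self.name} of {owner}")
        self.allowance[(owner, spender)] = allowed - amount
        self.transfer(owner, to, amount)


class VulnerableSwapper:
    """swap() pulls `amount_in` from any `payer` that approved the contract and
    pays `recipient`; nothing ties payer or recipient to the caller."""

    ADDRESS = "swapper"

    def __init__(self, token_in, token_out, rate):
        self.token_in, self.token_out, self.rate = token_in, token_out, rate

    def swap(self, caller, payer, amount_in, recipient):
        self.token_in.transfer_from(self.ADDRESS, payer, self.ADDRESS, amount_in)
        amount_out = amount_in * self.rate
        self.token_out.transfer(self.ADDRESS, recipient, amount_out)
        return amount_out


class HardenedSwapper(VulnerableSwapper):
    """Same swap, but only the caller's (msg.sender's) own allowance can be spent."""

    def swap(self, caller, payer, amount_in, recipient):
        if payer != caller:
            raise PermissionError("payer must be the caller (msg.sender)")
        return super().swap(caller, payer, amount_in, recipient)


def run_attack(swapper_cls):
    """Victim approves the swapper for a later swap; the attacker then calls swap()
    naming the victim as payer and itself as recipient.
    Returns (attacker's token_out gain, victim's remaining USDT)."""
    usdt = ERC20("USDT", {"victim": 1_000, "swapper": 0})
    out = ERC20("OUT", {"swapper": 10_000})  # swap liquidity held by the contract
    swapper = swapper_cls(usdt, out, rate=2)
    usdt.approve("victim", swapper.ADDRESS, 1_000)
    try:
        gained = swapper.swap(caller="attacker", payer="victim",
                              amount_in=1_000, recipient="attacker")
    except PermissionError:
        gained = 0
    return gained, usdt.balances["victim"]


if __name__ == "__main__":
    print("vulnerable:", run_attack(VulnerableSwapper))  # (2000, 0)
    print("hardened:  ", run_attack(HardenedSwapper))    # (0, 1000)
```

The fix belongs in the swap contract, not the token: transferFrom does exactly what the ERC-20 standard specifies, so any contract that holds user allowances must itself check that the payer is msg.sender before spending them. The AraBlocks attacker additionally manipulated the ARA price between the two swaps; the model shows only the allowance abuse that made those swaps possible.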
🚨Project: $BUNN
⛓️Chain: BSC
💥Type: Reflection Token
💸Loss amount: $12,096
A token called $BUNN was exploited for over $12,000. The attacker abused its deliver method, which lets any holder decrease their own balance and change the total supply; combined with an incorrect rate between _rTotal and _tTotal in the BUNN contract, this let the attacker take a flash loan, manipulate the total supply of BUNN, and profit by exchanging the token for BNB. The process can be repeated for further gains.
🚨Project: Midas Capital
⛓️Chain: BSC
💥Type: Flashloan Exchange Rate Manipulation
💸Loss amount: $600,000
Midas Capital recently lost over $600,000 to a rounding issue in its lending protocol, which is forked from the Compound Finance v2 code base. The attack is reminiscent of the $7,000,000 Hundred Finance exploit in late April this year, in which the attacker gave 200 WBTC to Hundred Finance, received 200 hWBTC, and then deposited 500 WBTC, which caused the price of hWBTC to rise 250-fold. This let the attacker use the hWBTC as collateral to borrow from other markets and drain the lending pools.
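To make the exchange-rate and rounding mechanics concrete, the following added example models the Compound v2 CToken arithmetic in Python. It is not Midas, Hundred Finance or Compound code: interest accrual, borrows and reserves are omitted, the 1e18 initial exchange rate and the wei-style amounts are assumptions, and the surrounding checks of any particular fork are not modelled. It shows why underlying sent straight to a nearly empty market inflates the exchange rate, how that inflates borrow capacity, and how redeemUnderlying's floor division can then hand out underlying for fewer cTokens than it is worth, beside a variant that rounds the other way.

```python
# Added example (Python model of Compound v2 CToken arithmetic; not Midas, Hundred
# Finance or Compound code). Interest, borrows and reserves are omitted; the 1e18
# initial rate and the amounts are assumptions.

EXP_SCALE = 10**18  # Compound's 1e18 fixed-point mantissa


class CTokenMarket:
    def __init__(self, initial_rate_mantissa=EXP_SCALE):
        self.initial_rate = initial_rate_mantissa
        self.cash = 0           # underlying held by the contract
        self.total_supply = 0   # cTokens outstanding
        self.balances = {}

    def exchange_rate(self):
        """exchangeRate = cash * 1e18 / totalSupply; the initial rate applies only
        to an empty market. Cash that arrives without minting raises the rate."""
        if self.total_supply == 0:
            return self.initial_rate
        return self.cash * EXP_SCALE // self.total_supply

    def mint(self, user, amount):
        tokens = amount * EXP_SCALE // self.exchange_rate()
        self.cash += amount
        self.total_supply += tokens
        self.balances[user] = self.balances.get(user, 0) + tokens
        return tokens

    def redeem(self, user, tokens):
        """redeem(tokens): underlying = tokens * rate / 1e18, rounded down."""
        amount = tokens * self.exchange_rate() // EXP_SCALE
        self._burn(user, tokens, amount)
        return amount

    def redeem_underlying(self, user, amount):
        """redeemUnderlying(amount): tokens burned = amount * 1e18 / rate, rounded
        DOWN, while the full amount is paid out. With a huge rate the division
        can floor to zero tokens for a non-zero payout."""
        tokens = amount * EXP_SCALE // self.exchange_rate()
        self._burn(user, tokens, amount)
        return tokens

    def redeem_underlying_safe(self, user, amount):
        """Hardened variant: round the tokens burned UP and refuse a zero burn."""
        rate = self.exchange_rate()
        tokens = -(-amount * EXP_SCALE // rate)  # ceiling division
        if tokens == 0:
            raise ValueError("redeem would burn no cTokens")
        self._burn(user, tokens, amount)
        return tokens

    def donate(self, amount):
        """Plain ERC-20 transfer into the contract: cash rises, supply does not."""
        self.cash += amount

    def _burn(self, user, tokens, amount):
        if self.balances.get(user, 0) < tokens or self.cash < amount:
            raise ValueError("insufficient balance or cash")
        self.balances[user] -= tokens
        self.total_supply -= tokens
        self.cash -= amount


def borrow_capacity(market, user, collateral_factor_mantissa):
    """Comptroller-style collateral value: cTokens * rate * collateralFactor."""
    underlying = market.balances.get(user, 0) * market.exchange_rate() // EXP_SCALE
    return underlying * collateral_factor_mantissa // EXP_SCALE


def inflation_scenario():
    """Mint, redeem down to dust, donate, then value collateral and redeem
    against the inflated rate."""
    m = CTokenMarket()
    m.mint("attacker", 2 * 10**18)
    m.redeem("attacker", 2 * 10**18 - 2)          # keep 2 wei of cTokens
    dust_rate = m.exchange_rate()                 # still 1e18
    m.donate(500 * 10**18)                        # cash 500e18+2 vs. 2 cTokens
    inflated_rate = m.exchange_rate()
    capacity = borrow_capacity(m, "attacker", 75 * 10**16)  # 75% collateral factor
    burned = m.redeem_underlying("attacker", 250 * 10**18)  # floors to 0 tokens
    return {
        "dust_rate": dust_rate,
        "inflated_rate": inflated_rate,
        "borrow_capacity": capacity,
        "tokens_burned_for_250": burned,
        "ctokens_left": m.balances["attacker"],
        "cash_left": m.cash,
    }


if __name__ == "__main__":
    for k, v in inflation_scenario().items():
        print(f"{k}: {v}")
```

In this model two wei of cTokens end up valued at roughly 500e18 underlying for borrowing, and redeemUnderlying pays out half the donation without burning a single cToken; the ceiling-rounding variant charges one cToken for the same payout. Real forks differ in what checks surround this arithmetic, so read the zero-burn outcome as what the raw formulas permit rather than a claim about a specific deployment. The two things to verify in any Compound v2 fork are the behaviour of a near-empty market when underlying is transferred in directly, and the rounding direction in every path that converts between underlying and cTokens.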
🚨Project: Atlantis Loans
⛓️Chain: BSC
💥Type: Malicious Governance Proposal
💸Loss amount: $1,000,000
Atlantis Loans was attacked for another $1,000,000, following last week's exploit in which the attacker submitted a malicious governance proposal that changed the admin address of the ABep20Delegator tokens. Holding voting power above the required quorum, the attacker voted the proposal through. Once the timelock had elapsed, the attacker executed it, setting a new implementation for the ABep20Delegator contracts and using a backdoor in that implementation to steal all the underlying tokens they held.
A further $500,000 was lost to multiple smaller attacks between the two major exploits, bringing the total stolen to over $2,500,000.
🚨Project: Baby Doge
⛓️Chain: BSC
💥Type: Price Manipulation
💸Loss amount: $100,000
Baby Doge was recently exploited for $100,000. The attacker used flash loans of USDT and BUSD to borrow over 99k BNB from Venus (vBNB), swapped the BNB for 17k BabyDoge tokens, and manipulated the BabyDoge price by removing liquidity from a pool. They then repaid the loan by swapping just one BabyDoge token, netting around $100k.