Cyber Security News

Buggy contract: DODO loses $3.5 million in recent attack

TL;DR Breakdown

  • Several DODO V2 Crowdpools have been exploited, resulting in the loss of about $3.5 million.
  • The exchange expects to recover about $1.8 million of the drained funds.

One of the leading decentralized exchanges (DEX), DODO, has confirmed an attack today that resulted in the loss of millions of dollars from some of its V2 Crowdpools. As the exchange team explained in an announcement on Tuesday, there was a bug in the smart contract, which allowed the exploiter to successfully perform the attack. The DEX, which also runs on the Binance Smart Chain (BSC), just became the latest platform exploited in the decentralized finance space.

DODO blames a bug on V2 Crowdpooling smart contract

As explained, the following DODO V2 Crowdpools were affected in the recent exploit – the WSZO, WCRES, ETHA, and FUSI pool. The reported bug in the smart contract allows the exploiter to the init() function to be called multiple times, meaning the pools may have been attacked when:

“Exploiter creates a counterfeit token and initializes the smart contract with it by calling the init() function. Exploiter calls the sync() function and sets the “reserve” variable, which represents the token balance, to 0. Exploiter calls init() again to re-initialize – this time with a “real” token (i.e., tokens in DODO’s pools). Exploiter uses a flash loan to transfer all real tokens from the pools and bypass the flash loan check.”

Trading unaffected

About $3.8 million was drained from the affected pools, according to the announcement. However, the exchange expects to recover $1.88 million of the funds drained. Regardless of the incident, trading on the decentralized exchange wasn’t affected. Neither were the “wallet addresses that have given DODO approvals” affected. The native token of the exchange, DODO, doesn’t seem to be affected by the exploit.

During press time, it was trading at $4.03 on Coinmarketcap, with a 24-hour price change of about two percent.

This post was last modified on March 12, 2021 8:37 am

Ibiam Wayas

Ibiam is an optimistic crypto journalist. Five years from now, he sees himself establishing a unique crypto media outlet that will breach the gap between the crypto world and the general public. He loves to associate with like-minded individuals and collaborate with them on similar projects. He spends much of his time honing his writing and critical thinking skills.

Recent Posts

Myanmar junta crackdown on cryptocurrencies

TL;DR Breakdown Myanmar junta places ban on cryptocurrencies.Violators of ban to face 6 months to1… Read More

January 24, 2022

Polkadot wants to become official sponsors of FC Barcelona

TL;DR Breakdown Polkadot proposes to be official shirt sponsors of FC Barcelona.Music platform, Sportify also… Read More

January 24, 2022

BITO Price Prediction 2022-2025

BITO sold $290M worth of shares in just the first 20 minutes of trading but… Read More

January 24, 2022

Bitcoin, Ethereum, Solana, Cardano; Price Analyses — 24 January Morning Prediction

TL;DR breakdown Bitcoin has gone 21.7% down over the last 7 days Ethereum juggling to face… Read More

January 24, 2022

Bitcoin Price Analysis: BTC briefly spikes to $33,000, major reversal incoming?

TL;DR Breakdown Bitcoin price analysis is bullish today.BTC/USD peaked at $36,000 yesterday.Lower low set at… Read More

January 24, 2022

Terra price analysis: LUNA price goes down to $63, as bears define the price function

TL;DR Breakdown The Terra price analysis is bearish today.Resistance for LUNA is present at $69.Support… Read More

January 24, 2022

This website uses cookies.