Hacker steals $300 000 from Olympus DAO and returns it hours later
A hacker took advantage of a vulnerability in the smart contract on the bonds of the platform’s native token
23.10.2022 - 07:00
634
2 min
0
What’s new? On October 21, the Olympus DAO protocol was hacked, causing a hacker to withdraw 30 437 of the project’s native tokens OHM (about $300 000 at the time of the attack). According to Decrypt, the developers reported it on their Discord channel. A few hours later, however, the hacker returned all of the stolen assets back. Olympus DAO representatives noted that this bug was not detected by either three auditors or their internal code review.
More details about the hack. According to cybersecurity firm PeckShield, the hacker found a loophole in the parameters of the smart contract of the project Bond Protocol that was used for the pilot launch of OHM bonds. Analysts noted that no vulnerabilities were found in the Olympus DAO code itself.
It seems the related @OlympusDAO's BondFixedExpiryTeller contract has a redeem() function that does not properly validate the input, resulting in ~$292K loss. https://t.co/dkhC5Ex9sz https://t.co/ikidpLyBga pic.twitter.com/wu5tUrepS6— PeckShield Inc. (@peckshield) October 21, 2022
Notably, if the hacker had reported the vulnerability on the Immunefi platform, he could have claimed a reward of up to $3,3 million.
What is known about Olympus DAO? It is a decentralized protocol run by a decentralized autonomous organization (DAO), founded in 2017. According to the developers, the OHM token is resistant to censorship, has high liquidity, and is actively used in Web 3.0. OHM is backed by other digital currencies, such as DAI and FRAX, held in the Olympus treasury.
As of October 22, 12:25 UTC, the OHM token is trading at $9,96, having gained 1,38% per day, according to CoinMarketCap. Its capitalization is $16,56 million.
On October 18, hackers attacked the DeFi platform Moola Market and withdrew assets worth about $8,4 million. They were able to artificially inflate the price of the project’s native token MOO in order to take loans backed by it and take out other assets. After some time, the hackers recovered 93,1% of the stolen cryptocurrencies.
Useful material?
Telegram 
Twitter Market
According to the preliminary plan, the free coin giveaway will take place in January 2025
Dec 27, 2024
Market
The fund’s issuer will be Donald Trump associate Vivek Ramaswamy’s Strive company
Dec 27, 2024
Market
Digital assets have made it easier to conduct transactions in the face of sanctions
Dec 25, 2024
Mining
The restrictions are designed to maintain the balance of energy consumption, taking into account the demands of the industry
Dec 24, 2024
Market
Due to supply shortages, the asset’s pre-market exchange rate was climbing above $1000
Dec 16, 2024
Incidents
Reports about the hacking of the exchange with calls to withdraw assets began to spread on December 13
Dec 13, 2024
Cryptocurrency rates
-
Bitcoin
$97 789
BTC
+1.44%
-
Ethereum
$3 583.47
ETH
+4.09%
-
Ripple
$2.44
XRP
+0.94%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Dogecoin
$0.388821
DOGE
+14.28%
-
Cardano
$1.06
ADA
-0.2%
-
Stellar XLM
$0.459636
XLM
+1.84%
-
Polkadot
$7.67
DOT
+1.81%
-
Bitcoin Cash
$472.69
BCH
+2.91%
-
Litecoin
$111.44
LTC
+5.24%