Hackers withdrew $1,4 million in cryptocurrency from the OMNI platform
Attackers exploited a vulnerability in the collateral mechanism, causing the system to cancel their debt and return the tokens provided as collateral
11.07.2022 - 11:10
360
2 min
0
What’s new? On July 10, the OMNI DeFi-platform, which issues cryptocurrency against NFT collateral, became the victim of a hacker attack. As a result of an exploit of the collateral mechanism, attackers managed to withdraw 1 300 ETH ($1,48 million at Binance exchange rate at the time of publication). OMNI representatives said that users' funds were not affected, the hack only affected internal stocks that are used in beta testing of the platform.
Statement:1/ OMNI is still in a testing (beta). No customer funds were lost, only internal testing funds were affected!We have suspended the OMNI protocol until we completed the investigation and have everything reviewed again by external security and auditing firms.— OMNI (@OMNI_xyz) July 10, 2022
Details of the hack. To carry out the attack, the hackers deposited several NFTs from the Doodles collection on the platform as collateral to obtain a loan in the form of wrapped ETH (wETH). Once the loan was secured, the hackers removed all but one of the non-fungible tokens, causing a glitch in the system that canceled the debt. The remaining NFT wasn't enough to repay, the position was liquidated by the system, and the hackers got their last pledged token back.
According to a statement from cybersecurity company PeckShield, after the hack, the attackers sent all the funds to the Tornado Cash cryptocurrency transaction mixer.
It seems a reentrancy-related hack. @ParallelFi @OMNI_xyz The stolen funds were just mixed via @TornadoCash https://t.co/Nyunlkk3rr pic.twitter.com/XxxVyX80Fq— PeckShield Inc. (@peckshield) July 10, 2022
On June 24, hackers withdrew $100 million in cryptocurrency from Horizon cross-chain on the Harmony network. The platform had to suspend the operation of the network. Project representatives said they had begun cooperating with US law enforcement agencies to investigate what happened. Elliptic analysts later suggested that North Korean hackers could be behind the Harmony hack.
Useful material?
Market
Tether Finance division will be responsible for the issuance and redemption of USDT stablecoins
Apr 18, 2024
Trends
The first project introduced on the platform will be BounceBit (BB)
Apr 18, 2024
Business
The rate exchange of the native ACH token reacted with a 10% increase
Apr 18, 2024
Market
Miners are hunting for the first block after halving as the value of the first satoshi could exceed $1 million
Apr 18, 2024
Market
The platform will be non-custodial and accessible to everyone
Apr 15, 2024
Market
China Asset Management, Harvest Global Investments, and Bosera Asset Management have received permits
Apr 15, 2024