Ad
News
Temple DAO hacked for over $2.3M Temple DAO hacked for over $2.3M

Temple DAO hacked for over $2.3M

TempleDAO has taken down the dApp to avoid accidental usage and is offering the hacker a legal bounty for the exploit.

Temple DAO hacked for over $2.3M

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

DeFi protocol Temple DAO lost over $2.3 million on Oct. 11 to a hack first spotted by Twitter user Spreekaway and confirmed by blockchain analytical firm Peckshield.

According to Peckshield, the hacker funded the attack from SimpleSwap and has transferred 1,831 ETH to a new address, 0x2B63d.

TempleDAO retweeted a Twitter thread about the exploit from the DeFi protocol Stax Finance. According to the thread, 321,154 xLP tokens were stolen from the xLP Staking contract and converted to 1,418,303 $TEMPLE tokens and 1,262,438 $FRAX. The TEMPLE tokens were also later sold for FRAX.

It was revealed that the hacker exploited a “missing onlyMigrator check” function in the StaxLPStaking contract.

Meanwhile, TempleDAO has taken down the dApp to avoid accidental usage. The team urged the hacker to return the funds, offering him a legal bounty for the exploit.

Another blockchain security firm CertiK wrote that the “cause of this attack is that migrateStake function does not check if the input oldStaking is expected. As a result, attackers can forge oldStaking contracts to arbitrarily add balances.”

Mentioned in this article
Posted In: Hacks