Ad
News
White hat hacker returns $300k gained from OlympusDAO exploit White hat hacker returns $300k gained from OlympusDAO exploit

White hat hacker returns $300k gained from OlympusDAO exploit

The hacker had exploited the contract's "BondFixedExpiryTeller,” inability to validate the transfer request properly.

White hat hacker returns $300k gained from OlympusDAO exploit

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

Join Japan's Web3 Evolution Today

Blockchain security firm Peckshield said that a hacker who exploited 30,437 OHM tokens (worth roughly $300,000) from an Olympus DAO’s smart contract earlier today has returned the funds to the DAO in two transactions.

According to Peckshield, the hacker exploited the contract’s “BondFixedExpiryTeller,” inability to validate the transfer request properly. The firm continued, “the related OlympusDAO’s BondFixedExpiryTeller contract has a redeem() function that does not properly validate the input, resulting in ~$292K loss.”

The OlympusDAO team confirmed the exploit on its Discord channel, revealing that the attacker drained the funds from the OHM bond contract with Bond Protocol. The protocol also stated that the bug was not found by its auditors, and the attacker could have earned much more if he had reported it via Immunefi.

The team continued that the over $200 million staked on its platform were safe.

CryptoSlate did not get a response to its request for comment from OlympusDAO and Bond Protocol as of press time.

Meanwhile, the Olympus community has hailed the hacker for being a white hat.

Posted In: Hacks