
Hacker takes advantage of vulnerability in Dolomite Project, makes off with $1.8M in USDC


A security breach in the Dolomite project’s USDC smart contracts resulted in a hacker stealing $1.8 million worth of USD Coin (USDC), as reported by CertiK, a blockchain security firm. The hacker exploited a flaw in the old DolomiteMarginProtocol contract, taking advantage of approvals granted to the contract owner before the system was shut down in 2020. The attack specifically targeted old users of the platform who maintained approval for the outdated contract.

The security vulnerability stemmed from the `callFunction` function within the DolomiteMarginProtocol contract, which granted arbitrary access and made the contract susceptible to unauthorized transactions. The intended safeguard was to restrict the use of `callFunction` through the `noEntry` mechanism, which was only supposed to be disabled after the execution of another function, `singleEntry`.

However, the attacker found a workaround to bypass the `noEntry` restriction by leveraging a function in a separate contract called `SoloMargin`, allowing them to execute unauthorized transactions and steal funds from the contract auditors. This breach highlights the importance of robust security protocols and continuous monitoring to detect and prevent potential vulnerabilities in smart contracts.

Following the incident, Dolomite disabled the compromised contract to prevent further unauthorized access and mitigate any potential risks to users. However, the impact was limited to users who had interacted with the old Dolomite platform before 2020 and maintained approval for the outdated contract.
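For users of the old platform, the practical check is whether an approval to the retired contract is still outstanding. The following added example (not from the article or from Dolomite's code) replays ERC-20 `Approval` logs in the JSON-RPC `eth_getLogs` shape and lists owners whose last recorded approval to a given spender is non-zero; the token, spender and owner addresses and the log entries are constructed placeholders.

```python
# Added example: every address and log entry here is a constructed placeholder.
# keccak256("Approval(address,address,uint256)"), the ERC-20 Approval event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def stale_approvals(logs, token, spender):
    """Return {owner: allowance} for owners whose most recent Approval
    to `spender` on `token` is non-zero."""
    token, spender = token.lower(), spender.lower()
    relevant = [
        l for l in logs
        if l["address"].lower() == token
        and len(l["topics"]) == 3          # ERC-721 Approval has 4 topics
        and l["topics"][0].lower() == APPROVAL_TOPIC
        and topic_to_address(l["topics"][2]) == spender
    ]
    # A later approval overrides an earlier one: order by block, then log index.
    relevant.sort(key=lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16)))
    latest = {}
    for l in relevant:
        latest[topic_to_address(l["topics"][1])] = int(l["data"], 16)
    # transferFrom can lower an allowance without emitting Approval, so these
    # values are an upper bound; confirm each with the token's allowance() view.
    return {owner: amount for owner, amount in latest.items() if amount > 0}

def _pad(addr):
    return "0x" + "0" * 24 + addr[2:]

def _log(block, idx, owner, spender, amount, token):
    return {"address": token, "blockNumber": hex(block), "logIndex": hex(idx),
            "topics": [APPROVAL_TOPIC, _pad(owner), _pad(spender)],
            "data": "0x" + format(amount, "064x")}

TOKEN, OLD_CONTRACT, OTHER = "0x" + "aa" * 20, "0x" + "dd" * 20, "0x" + "ee" * 20
ALICE, BOB, CAROL = "0x" + "01" * 20, "0x" + "02" * 20, "0x" + "03" * 20
MAX = 2**256 - 1  # the "unlimited" approval many front ends request

SAMPLE_LOGS = [  # deliberately out of order to exercise the sort
    _log(250, 1, BOB, OLD_CONTRACT, 0, TOKEN),          # Bob revoked later
    _log(100, 0, ALICE, OLD_CONTRACT, MAX, TOKEN),      # never revoked
    _log(101, 3, BOB, OLD_CONTRACT, 5_000_000, TOKEN),  # Bob's original approval
    _log(120, 2, CAROL, OTHER, MAX, TOKEN),             # different spender
]

if __name__ == "__main__":
    print(stale_approvals(SAMPLE_LOGS, TOKEN, OLD_CONTRACT))
```

Any owner the function returns should set the allowance for that spender back to zero with the token's `approve` call.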

In response to the security breach, Dolomite’s development team is likely to conduct a thorough review of their smart contracts and implement additional security measures to prevent similar exploits in the future. It is crucial for blockchain projects to prioritize security and regularly update their protocols to stay ahead of malicious actors seeking to exploit vulnerabilities for financial gain.

As the cryptocurrency and blockchain industry continues to evolve, the importance of cybersecurity cannot be overstated. Companies must remain vigilant and proactive in addressing potential threats to ensure the safety and security of user assets and data. By learning from incidents like the Dolomite hack, the industry can strengthen its defenses and enhance the overall resilience of blockchain networks against malicious attacks.
