On Friday, October 21, a malicious entity siphoned 30,437 OHM tokens from the Olympus DAO after finding a loophole in the rebase project’s smart contract. Following the exploit, the blockchain security and data analytics company, Peckshield, detailed the hackers stole close to $300K in OHM tokens.
Hacker Exploits Smart Contract’s ‘BondFixedExpiryTeller’ Parameter, $292,000 in OHM Tokens Stolen
After rising to colossal values at the end of 2021, the rebase token economy has collapsed in value, after a myriad of controversies and issues. In mid-January 2022, the top rebase tokens by market capitalization had a market valuation of around $4.99 billion and today, the rebase token economy is down 89.49% to $524 million.
On October 21, the top rebase token project by market valuation, Olympus, suffered from a hack that saw roughly $292K in OHM tokens stolen. On Friday, blockchain security firm Peckshield detailed that the hacker found a loophole via the project’s smart contract “BondFixedExpiryTeller” parameter.
“It seems the related Olympus DAO’s BondFixedExpiryTeller contract has a redeem() function that does not properly validate the input, resulting in [a] ~$292K loss,” Peckshield detailed on Friday. The Web3 and blockchain security auditor Supremacy Inc. confirmed that the attacker leveraged an “arbitrary external call vulnerability” to siphon the 30,437 OHM tokens from the DAO.
The developers behind the Olympus rebase token project validated the $300K loss reports via the project’s Discord channel. “This morning, an exploit occurred through which the attacker was able to withdraw roughly 30K OHM ($300K) from the OHM bond contract,” the Olympus DAO devs told the members of the Discord channel.
The olympus (OHM) token is down roughly 1.2% following the hack, and is trading for just under $10 per unit. Seven-day stats show OHM is down 3.3% and year-to-date, OHM has lost 99% in value against the U.S. dollar. The token tapped a lifetime low on September 19, 2022, at $9.04 per unit and today, the price is roughly 9.3% higher than the all-time low.
At the end of September, Olympus DAO explained in a thread how the project would do away with its high annual percentage yield (APY), which was leveraged to bootstrap the protocol and initialize OHM’s tokenomics.
What do you think about the Olympus DAO hack? Let us know your thoughts about this subject in the comments section below.