CertiK Logo
Products
Company
Cancel
Back to all stories
Analysis Reports
Revisiting The Day of Defeat Rugpull
7/3/2022
Revisiting The Day of Defeat Rugpull

TL;DR

On May-05-2022 +UTC, approximately $1.35M worth of assets were stolen from the DoD token. The involved addresses are: 0x2cbf... and 0x404b...

Event Summary

Day of Defeat (DOD) claimed on their website that they were a "radical social experiment token" and that it was "mathematically designed to give holders a 10,000,000X" price increase. The roadmap had plans in place up until 2024. According to their website every transaction was taxed 19% with 4% going to "marketing" and 15% to the "transitional wallet" and to the "prize fund". DOD’s whitepaper said that everything sent there was going to be sold for BUSD or BUSID and when the prize fund hit $100 million, one of the token holders would win that money.

On 5 May 2022, the Day of Defeat wallet was emptied leading to a loss of ~$1.35 million. The money was transferred from the project into other wallets causing the NFT to crash in value by 96%. On social media, DOD denied that this was a rugpull, and claimed that they were a victim of an exploit: "The private keys of the (2) contract related wallets were compromised".

~$1.35 million worth of DOD tokens were sent to 2 wallet addresses - 0x2cbf... and 0x404b... All of the tokens were then swapped for BNBs via pancakeswap. After being swapped for BNBs, the funds were then distributed to other hot wallets.

Day of Defeat(DOD) Token address: https://bscscan.com/token/0xc709878167ed069aea15fd0bd4e9758ceb4da193

Attack Technical Analysis

DoD token Rugpull Addresses:

Rugpull Address 1: 0x2cbf...

DoD token source (M Address): 0xe054...

Rugpull Address 2: 0x404b...

DoD Token source (A address): 0xd9b8...

The tax address “M” and “A” of the DoD token provided large amount of DoD tokens to addresses (0x2cbf... and 0x404b...) and those DoD tokens were further swapped for BNBs. The tax address (M address) sent 8,881,133,116,766 DoD tokens to the 0x2cbf... in the transaction: 0x8e20...

The address 0x2cbf swapped the DoD token to BNB in the DoD-BNB pool

Contract Vulnerability Analysis

Address A and M are prebuilt tax addresses in DOD token

ef303e65-6201-4ad4-af8e-1b9684a5fb27

For each _transfer, the tax was transferred to address A and M:

59200b01-19cf-4e70-89f7-ea6a81fe94b4

A large amount of DOD token was accumulated in both A and M accounts and both tax addresses were EOA.

Profit and Assets Tracing

Pair Loss

  • The BNB amount in the DoD-BNB pool decrease from 3,982 to 666. Around ~ $ 1,248,971K (3,316 BNB) is rugged.

  • The BSC-USD amount in the BSC-USD-DoD pool decrease from 1,004 to 170. Around $310K (824 BSU-USD) is rugged

Profit from Rugpull

  • Rugpull Address 1: 0x2cbf... received ~ 3190.9 BNB = 1,202,969.3 USD

  • Rugpull Address 2: 0x404b... received ~151,344.7616 USDT

For a total loss of ~$1.35M USD