CertiK Logo
CertiK Logo
Products
Blogs
Company
incident-response

Products & Technology

Featured Ecosystems

Company

English
Back to all stories
Reports
Incident Analysis
DFX Finance
11/10/2022
DFX Finance

TL;DR

On Nov 10, 2022, DFX Finance's swapping contracts were attacked, leading to a loss of ~$5M.

Introduction

At 8 PM UTC on Nov 10, 2022, DFX Finance's swapping contracts were attacked, leading to a loss of approximately $5M. The attacker took advantage of the vulnerable flashloan mechanism in the swapping contracts, bypassed the check of repaying the flashloan by depositing tokens to the contracts, and withdrew tokens from contracts after finishing the flashloan.

Attack Flow

  1. The attacker flashloaned 223K CAD coin and 90K USD Coin from the pool.
  2. In the flashloan callback function, the attacker called deposit() function with the flashloaned tokens AND some additional tokens.
  3. Since the deposit() function call increased the balance of both tokens in the pool, the balance check was bypassed.
  4. Therefore, the attacker “repaid” the flashloan via the deposit() invocation, but instead got the 1.58M LP tokens via the deposit() invocation.
  5. The attacker finally called withdraw() function to burn the LP tokens and got the CAD tokens and USD Coin as profit.

Screen Shot 2022-11-10 at 5.52.29 PM

(35 * 100 + 2) ETH(Tornado cash) + ~550K()(remain) = ~5M DeBank | Your DeFi wallet

Addresses

Exploiter: DeBank | Your DeFi wallet

Attacker Contract: [https://etherscan.io/address/0x6cfa86a352339e766ff1ca119c8c40824f41f22d#code

Decompiled code of 0x6cFa86a352339E766FF1cA119c8C40824f41F22D,](https://library.dedaub.com/contracts/Ethereum/6cFa86a352339E766FF1cA119c8C40824f41F22D/decompiled?line=1) a smart contract deployed on the Ethereum blockchain

One of the exploit txn: https://etherscan.io/tx/0x9ef031cfedd1bd8ad91d84418ee6110e5558276a338fc11892f0013d269f27f8

Profit and Assets Tracing

Screen Shot 2022-11-10 at 5.48.58 PM

Screen Shot 2022-11-10 at 5.49.06 PM

Vulnerability

The vulnerability lies in the design issue where the contract does not take into consideration that the flashloaned tokens can be used for deposit and “repay” flashloan. Therefore, when calling flashloan, the contract needs to prevent other functions like “deposit()” function to increase the balance of the pool. A recommended solution is to add a reentrancy guardrail for all related functions.

At time of writing DFX had paused impacted protocols, but vulnerability remains.

Related Stories
Prisma Finance Incident Analysis
Blogs
Incident Analysis
On 28 March, Prisma Finance was exploited by multiple addresses leading to a loss of approximately $12.3 million. Three attackers took advantage of a vulnerability in the Prisma Finance MigrateTroveZap contract which allowed them to manipulate a migration process. Since the exploit occurred, a wallet that received funds from the main exploiter has reached out to the Prisma Finance deployer declaring that their actions were a white hat rescue.
3/29/2024
Post Mortem: TerraPort Finance
Blogs
Incident Analysis
On April 10th, 2023, the Terraport project team was alarmed breach detected with the Terraport Liquidity wallet. The total loss is around $4M.
1/8/2024
Post Mortem: Thoreum Finance
Blogs
Incident Analysis
On Jan 18, 2023, Thoreum Finance's token contract v4 was exploited, leading to a loss of around 2,260 WBNB. The attacker took advantage of the flawed implementation in the token contract's transfer function and manipulated its balance.
1/8/2024
CertiK Logo
SOC
© 2024 by CertiK. All Rights Reserved.
Products & Technology
Smart Contract AuditSkynetSecurity ScoreKYCPenetration TestingBug BountyFormal VerificationAdvisory ServicesSkyHarborSkyInsights
Company
AboutVenturesBlogCareersDisclaimerPrivacy PolicyCookie PolicyTerms and ConditionsTrust and Security
Social Media
CertiKSecurity LeaderboardCertiK AlertTelegramYoutube
MediumLinkedIn
Wechat
Discord
MediumLinkedIn
Wechat
Discord
© 2024 by CertiK. All Rights Reserved.
;