TL:DR

On June 8, 2022 ApolloX token (APX) dropped by 52.12% resulting from a hack that used a function claim() in ApolloxExchangeTreasury repeatedly. The attacker received about 53 Million $APX tokens from the contract and then swapped them via PancakeSwap for $BUSD or ~$2,150,414 Million USD at time of writing.

They are using standard ECDSA from Openzeppelin version 3.2.0. The generation of signatures is outside of this contract therefore out of our audit scope.

Event Summary

ApolloX officially announced that they were hacked the same day as the incident. An attacker exploited a flaw in the trading rewardst to accumulate signatures that they then used to withdraw $APX tokens and swap those for $BUSD. ApolloX temporarily disabled the withdraw function on DEX for approximately 4 hours, resolved the issue, and resumed the withdraw function on DEX. ApolloX published on all their social media platforms that they plan to make up for the losses via the open repurchase of APX and APX earned from exchange trading fees. Twitter link of their announcement: ApolloX on Twitter

The project was launched in December 2021, and APX is the native token of the ApolloX Exchange. APX is a BEP-20 token on the Binance Smart Chain (BSC).

Exploit Transactions

The attacker claimed ApolloX Tokens using these transactions:

0x21e5e

0x67a90

0xccc9e

0x34b29

Then swapped on PancakeSwap:

~5 Million APX for 246,560 BUSD 0xc2607

~7 Million APX for 291,276 BUSD 0xe944b

~7 Million APX for 246,243 BUSD 0x55c45

~7 Million APX for 213,971 BUSD 0x57030

~7 Million APX for 160,999 BUSD 0xf2568

~7 Million APX for 115,535 BUSD 0xdf7e6

~7 Million APX for 183,061 BUSD 0x72c7c

~7 Million APX for 143,451 BUSD 0x902eb

Attack Flow

The attacker called multiple contracts which in turn called function claim() in ApolloxExchangeTreasury repeatedly. The function successfully validated the input message and signature with ECDSA.recover(), and transferred the corresponding token amount from the contract to the attacker.

The attacker dumps the APX token for BUSD via PancakeSwap.

Contracts Vulnerability

Profit and assets tracing

The attacker earned about ~2.1 Million BUSD

These assets were then transferred to ZAP bridge in the following 3 transactions:

0x3d141

0x07e44

0x25ee8

The assets are later transferred to 0x9E532 on Etherscan

Would we spot this issue during the audit?

They are using standard ECDSA from Openzeppelin version 3.2.0. The generation of signatures should be outside of contract audit.

Centralized control of signature is included in findings related to “Centralization Related Risks.”