CryptoBottle Incident Analysis
10/31/2024

Incident Summary

In October 2024, CryptoBottle on Polygon was exploited on three separate occasions, with combined losses totalling ~$527k. In the latest incident on 24 October, the largest of the three, an attacker exploited a critical vulnerability to disable the balance check that the swap() method performs after its callback, then made arbitrary swaps to acquire a large amount of NAS tokens, which they sold to drain the project of ~$490k USDT.

Following the incident, the project announced via their Discord that the protocol would be suspended while they improve security.

Two other incidents had already occurred in October, one of which was by the same exploiter.

  • On 1 October approximately $6,000 was taken from contract 0x34EFEbC3fdfC4503547116234E4efb203C90ca72 (NA) due to missing access control on the contract’s withdrawUserLIquidity() function.
  • On 22 October CryptoCuvee contract 0x4660083D21e3A7e1eC5af8f46A31dCFAa78479Ed was exploited for $31k. This time a code vulnerability allowed the attacker to purchase all of the Cryptobottles and instantly extract their contents.

Key Transactions

The following analysis focuses on the incident on 24 October.

Attack Transactions

Contract creation:

Exploit transactions:

Attack Flow and Vulnerability

Addresses

Exploiter:

  • 0x9cE632E5FDB7151ee84e55Cf323CDb7A2977C7CE
  • 0x5ec50b39829ab40291745fea6e11f10f3845fadb

Vulnerable Contract: 0x5d6084Bf7a8049Fd3db89a7af9e7291002F36Ac7 (Navigator’s Adventage)

Vulnerability

Flash swaps are an integral feature of Uniswap V2: a pair contract sends the output tokens to the recipient first, and only afterwards enforces a balance check to ensure that enough input tokens have been received for the swap. If this balance check is bypassed, anyone can make any deal and drain the pair, which is what happened in this incident.

The vulnerable Navigator’s Adventage contract let users acquire NAS tokens either by minting at a fixed price or by swapping, as on a typical automated market maker (AMM). The choice between the two is supposed to be controlled by the 'fixedPriceEnabled' variable. However, anyone can set this variable to True or False, because the functions that change it are public.

When 'fixedPriceEnabled' is set to true, the mint() method is enabled and 'fixedPrice' is set to 10 20. Critically, the balance check in the swap() function is disabled after the callback. This means anyone can effectively make any deal they want through swap(). The attacker used this to swap X amount of NAS tokens for 1 USDT.
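The flag-gated balance check described above, as a small Python model added here for illustration (it is not the contract's code). The `Pair` class, the reserve figures and the owner-only setter in the hardened form are assumptions; the check itself is the Uniswap V2 constant-product test with its 0.3% fee.

```python
class Unauthorized(Exception): pass
class InvariantViolation(Exception): pass

class Pair:
    """Toy model of a Uniswap V2-style USDT/NAS pair (constructed, not the real contract)."""

    def __init__(self, owner, usdt, nas, hardened):
        self.owner, self.hardened = owner, hardened
        self.usdt, self.nas = usdt, nas            # reserves in whole tokens
        self.fixed_price_enabled = False

    def set_fixed_price_enabled(self, caller, value):
        # Vulnerable form: any caller may flip the flag, as the page describes.
        # Hardened form (assumed fix): only the owner may.
        if self.hardened and caller != self.owner:
            raise Unauthorized(caller)
        self.fixed_price_enabled = value

    def swap(self, usdt_in, nas_out):
        """Pay nas_out first, then check that enough USDT came in."""
        if not 0 < nas_out < self.nas:
            raise ValueError("insufficient liquidity")
        bal_usdt, bal_nas = self.usdt + usdt_in, self.nas - nas_out
        # Vulnerable form skips the check while the flag is set;
        # hardened form enforces it on every swap.
        if self.hardened or not self.fixed_price_enabled:
            adj_usdt = bal_usdt * 1000 - usdt_in * 3   # input net of the 0.3% fee
            if adj_usdt * bal_nas * 1000 < self.usdt * self.nas * 1000**2:
                raise InvariantViolation("K decreased")
        self.usdt, self.nas = bal_usdt, bal_nas

def attempt(hardened):
    """Run the flag-then-swap sequence from the page; return outcomes and NAS reserve."""
    pair = Pair("owner", usdt=500_000, nas=100_000_000, hardened=hardened)
    log = []
    for call in (lambda: pair.set_fixed_price_enabled("stranger", True),
                 lambda: pair.swap(usdt_in=1, nas_out=40_000_000)):
        try:
            call()
            log.append("ok")
        except (Unauthorized, InvariantViolation) as exc:
            log.append(type(exc).__name__)
    return log, pair.nas

if __name__ == "__main__":
    print("vulnerable:", attempt(hardened=False))
    print("hardened:  ", attempt(hardened=True))
```

In the hardened form the two controls are independent: the setter rejects the stranger, and the invariant check would still reject the swap if the owner had enabled the flag.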

Step by Step

  1. Before conducting any swaps, the attacker first called function 0xeebe2e12() which set 'fixedPriceEnabled' at storage 0xe to True. 0xecde63a09b2d1a83eeb3cd2b693038dc9ea3258d5be1c13eea336381ade8eae5

  2. The attacker then called the “Invest()” function on the attack contract to make several arbitrary swaps with just 1 USDT to acquire large amounts of NAS tokens:
     a. 1 USDT → 1,000 NAS
     b. 1 USDT → 10,000 NAS
     c. 1 USDT → 40 million NAS (three times)

  3. The attacker set 'fixedPriceEnabled' at storage 0xe back to False via function 0xf9ae(). They then called “Claim” on the attack contract and conducted several normal swaps to dump the acquired NAS tokens and drain the USDT held in the Navigator’s Adventage contract.

Fund Flow

On 24 October 2024, between 3PM and 3:30PM, wallet address 0x9cE632E5FDB7151ee84e55Cf323CDb7A2977C7CE and associated attack contract 0xfCDd0d0A914bE6e64AE099646CCda189F8323556 received a total of 493 652,17 USDT from Navigator’s Adventage (NA) Contract 0x5d6084Bf7a8049Fd3db89a7af9e7291002F36Ac7.

Less than an hour later, the funds were sent to a new address: 0x5ec50b39829ab40291745fea6e11f10f3845fadb.

0x5ec is linked to the second incident involving CryptoCuvee contract 0x4660083D21e3A7e1eC5af8f46A31dCFAa78479Ed, also owned by CryptoBottle, on 22 October. At the time of writing, the funds are still held in the wallet.

The Stats

In October 2024 we recorded 21 incidents as a result of code vulnerabilities, with a total loss of $2.4M. Code vulnerabilities account for the second highest number of incidents, behind major phishing incidents, for which we recorded 26 incidents during the month. Losses from code vulnerabilities, however, are significantly lower than those from phishing incidents and private key compromises. During the same period in 2023, there were 12 incidents due to code vulnerabilities, resulting in losses of approximately $1.5M.

To mitigate vulnerabilities, it is recommended to conduct regular audits of smart contracts. To keep up to date on the latest incident alerts and statistics follow @certikalert on X, or read our latest analysis on certik.com.