In October 2024, CryptoBottle on Polygon was exploited on three separate occasions, with combined losses totalling ~$527k. In the latest incident on 24 October, the largest of the three, an attacker exploited a critical vulnerability to disable the balance check that the swap() method performs after its callback, then made arbitrary swaps to acquire a large amount of NAS tokens, which they sold to drain the project of ~$490k USDT.
Following the incident, the project announced via their Discord that the protocol would be suspended while they improve security.
Two other incidents had already occurred in October, one of which was by the same exploiter.
The following analysis focuses on the incident on 24 October.
Attack Transactions
Contract creation:
Exploit transactions:
Addresses
Exploiter:
Vulnerability
Flash swaps are an integral feature of Uniswap V2: the pair contract sends the output tokens to the recipient first, and only then enforces a balance check to ensure that enough input tokens have been received for the swap. If this balance check is bypassed, anyone can make any deal and drain the pair, which is what happened in this incident.
The vulnerable Navigator’s Adventage contract let users acquire NAS tokens either by minting at a fixed price or by swapping, like on a typical automated market maker (AMM). This option is supposed to be controlled by the 'fixedPriceEnabled' variable. However, anyone can set this variable to true or false, because the functions that set it are public.
When 'fixedPriceEnabled' is set to true, the mint() method is enabled and 'fixedPrice' is set to 10^20. Critically, the balance check that swap() performs after the callback is also disabled. This means anyone can effectively make any deal they want through swap(). The attacker used this to swap X amount of NAS tokens for 1 USDT.
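The two flaws described above, shown in their corrected form with the weak pattern noted in comments. This is an added example, not the Navigator’s Adventage source: the contract, the ISwapCallee interface and every function name except swap() and fixedPriceEnabled are hypothetical, and the pair is simplified (no fees, no LP shares, fixed-price mint() omitted).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
interface IERC20 {
    function balanceOf(address who) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}
interface ISwapCallee { // hypothetical flash-swap callback
    function onSwap(address sender, uint256 out0, uint256 out1, bytes calldata data) external;
}

// Hypothetical, simplified pair; not the NA contract's source.
contract HardenedPair {
    address public immutable owner;
    IERC20 public immutable token0; // e.g. NAS
    IERC20 public immutable token1; // e.g. USDT
    uint256 public reserve0;
    uint256 public reserve1;
    bool public fixedPriceEnabled; // pricing-mode switch (mint() omitted here)
    bool private locked;

    constructor(IERC20 t0, IERC20 t1) { owner = msg.sender; token0 = t0; token1 = t1; }

    modifier onlyOwner() { require(msg.sender == owner, "NOT_OWNER"); _; }
    modifier lock() { require(!locked, "LOCKED"); locked = true; _; locked = false; }

    // Weak form described above: the same setter with no access control.
    function setFixedPriceEnabled(bool enabled) external onlyOwner {
        fixedPriceEnabled = enabled;
    }

    // Owner seeds or resynchronises reserves from the real balances.
    function sync() external onlyOwner lock {
        reserve0 = token0.balanceOf(address(this));
        reserve1 = token1.balanceOf(address(this));
    }

    function swap(uint256 out0, uint256 out1, address to, bytes calldata data) external lock {
        require(out0 > 0 || out1 > 0, "NO_OUTPUT");
        require(out0 < reserve0 && out1 < reserve1, "INSUFFICIENT_LIQUIDITY");
        if (out0 > 0) require(token0.transfer(to, out0), "TRANSFER0_FAILED");
        if (out1 > 0) require(token1.transfer(to, out1), "TRANSFER1_FAILED");
        if (data.length > 0) ISwapCallee(to).onSwap(msg.sender, out0, out1, data);
        uint256 bal0 = token0.balanceOf(address(this));
        uint256 bal1 = token1.balanceOf(address(this));
        // Weak form described above: this check skipped when fixedPriceEnabled is true.
        // Hardened: the invariant is enforced after the callback on every path.
        require(bal0 * bal1 >= reserve0 * reserve1, "K");
        (reserve0, reserve1) = (bal0, bal1);
    }
}
```

Because the invariant check no longer depends on any mode flag, a swap that pays out tokens without returning enough input reverts regardless of how fixedPriceEnabled is set.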
Step by Step
On 24 October 2024, between 3PM and 3:30PM, wallet address 0x9cE632E5FDB7151ee84e55Cf323CDb7A2977C7CE and associated attack contract 0xfCDd0d0A914bE6e64AE099646CCda189F8323556 received a total of 493 652,17 USDT from Navigator’s Adventage (NA) Contract 0x5d6084Bf7a8049Fd3db89a7af9e7291002F36Ac7.
Less than an hour later, the funds were sent to a new address: 0x5ec50b39829ab40291745fea6e11f10f3845fadb.
0x5ec is linked to the second incident involving CryptoCuvee contract 0x4660083D21e3A7e1eC5af8f46A31dCFAa78479Ed, also owned by CryptoBottle, on 22 October. At the time of writing, the funds are still held in the wallet.
In October 2024, we recorded 21 incidents as a result of code vulnerabilities, with a total loss of $2.4M. Code vulnerabilities account for the second highest number of incidents behind major phishing incidents, for which we recorded 26 incidents during the month. Losses from code vulnerabilities, however, are significantly lower than those from phishing incidents and private key compromises. During the same period in 2023, there were 12 incidents due to code vulnerabilities, resulting in losses of approximately $1.5M.
To mitigate vulnerabilities, it is recommended to conduct regular audits of smart contracts.