On Apr 15th, @HundredFinance was exploited for over $7M on #Optimism.
Hundred Finance was also a victim of a reentrancy attack in Mar 2022.
Txs:
0x15096dc6a59cff26e0bd22eaf7e3a60125dcec687580383488b7b5dd2aceea93
0x6e9ebcdebbabda04fa9f2e3bc21ea8b2e4fb4bf4f4670cb8483e2f0b2604f451
2/ The root cause is that the attacker can manipulate the exchangeRate by donating a large amount of WBTC to the hWBTC contract.
In the getAccountSnapshot function, the value of exchangeRateMantissa relies on the amount of WBTC in the contract.
3/ The attacker flashloaned 500 $WBTC, then called the redeem function to redeem the previously staked 0.3 WBTC.
Next, attack contract 1 sent 500.3 WBTC to attack contract 2. Contract 2 used 4 BTC to mint 200 hWBTC. The redeem function was then called to redeem the 4 BTC.
4/ Here the attacker can redeem the 4 WBTC previously staked with less than 200 hWBTC. At this point the attacker had a very small amount of hWBTC left on contract 2.
5/ Attack contract 2 then sent 500.3 WBTC to the hWBTC contract and borrowed 1021.91 ETH via the remaining 2 hWBTCs.
Finally, attack contract 2 repaid the previous debt by using 1 hWBTC, and withdrew 500.3 WBTC from the contract.
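An added example (not from the original thread and not Hundred Finance's code): a simplified Compound-style market showing how an exchange rate computed from the contract's token balance follows a direct donation, while one computed from internally tracked cash does not. The 1:1 initial rate, the class and function names, and the amounts (2 units deposited, a 500.3 WBTC donation in 8-decimal units) are constructed assumptions.

```python
# Added illustration: simplified Compound-style share accounting (constructed model).
MANTISSA = 10**18
INITIAL_RATE = MANTISSA  # assumption: 1 underlying unit per share while supply is zero


class Market:
    """Minimal share-token market; the flag selects where 'cash' is read from."""

    def __init__(self, track_cash_internally):
        self.track_cash_internally = track_cash_internally
        self.token_balance = 0  # what underlying.balanceOf(market) would report
        self.internal_cash = 0  # changed only by mint (and redeem/borrow in a full model)
        self.total_borrows = 0
        self.total_supply = 0   # shares outstanding
        self.shares = {}

    def cash(self):
        return self.internal_cash if self.track_cash_internally else self.token_balance

    def exchange_rate(self):
        if self.total_supply == 0:
            return INITIAL_RATE
        return (self.cash() + self.total_borrows) * MANTISSA // self.total_supply

    def mint(self, who, amount):
        minted = amount * MANTISSA // self.exchange_rate()
        self.token_balance += amount
        self.internal_cash += amount
        self.total_supply += minted
        self.shares[who] = self.shares.get(who, 0) + minted
        return minted

    def donate(self, amount):
        # A plain token transfer to the market address: no shares are minted.
        self.token_balance += amount

    def collateral_underlying(self, who):
        # Underlying value of the account's shares at the current exchange rate.
        return self.shares.get(who, 0) * self.exchange_rate() // MANTISSA


def donation_effect(track_cash_internally, deposit=2, donation=50_030_000_000):
    """Return the account's collateral value (before, after) a direct donation."""
    m = Market(track_cash_internally)
    m.mint("acct", deposit)
    before = m.collateral_underlying("acct")
    m.donate(donation)
    return before, m.collateral_underlying("acct")
```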
Root cause: The reset of lastCalledPool happens before the check. This makes the check on the pool ineffective, allowing attackers to specify a malicious pool and transfer the funds of users who have granted approval for swaps.
1) The attacker created the malicious pool contract 30 days ago. 2) The swap is performed by calling SushiSwap's router function processRoute, specifying the malicious contract as the pool contract.
3) After the swap, the malicious contract calls the uniswapV3SwapCallback, specifying the tokenIn as WETH and the from address as the victim's address (@0xSifu sifuvision.eth), thus using the victim's approval to the router contract to transfer the funds.
2/ The attacker first calls the "joinPool" function of Balancer Vault to make a deposit. Then he calls "exitPool" to withdraw, during which Balancer Vault sends ETH to the attacker, which triggers the fallback function of the attack contract.
3/ In the fallback function, the attacker calls the 0x62c5 contract's borrow function, which does a price calculation based on the return data from Balancer Vault.getPoolTokens().
Analysis:
The hacker first targets a pool with low liquidity to see if the MEV bot will front-run the tx.
For example, the hacker tempts the bot with 0.04 WETH.
It is found that the pool is indeed monitored by the MEV bot, and that the bot will use all of its funds for arbitrage.
In addition, the MEV bot uses the attacker's validator to produce the block, and the attacker had been testing whether the MEV bot would use his validator.
So the attacker verified in advance that the MEV bot would act, and that as the validator he could view the bundle.
The attacker then uses a large amount of tokens obtained on Uniswap V3 to swap in the low-liquidity V2 pool, luring the MEV bot into using all of its WETH to front-run and buy the worthless tokens.
A large amount of tokens is then used to swap for all the WETH that the MEV bot had just front-run with.
@eulerfinance Euler Finance was exploited with a ~$197M loss in multiple Txs.
34,224,863 $USDC, 849 $WBTC, 85,818 $stETH and 8,877,507 $DAI were stolen.
Take one tx to analyze:
0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d
2/ The hacker first flashloaned $30M $DAI via AAVE and deposited $20M to get 19,568,124 eDAI.
The hacker then called the mint function to use the 19,568,124 eDAIs to borrow 195,681,243 eDAIs (collateral assets) and 200,000,000 dDAIs (debt assets), thus scaling up the eDAI balance to ten times.
3/ The attacker then deposited the remaining 10M DAI via the repay function, borrowing 195,681,243 eDAI and 200,000,000 dDAI again.
The attacker then carried out a donateToReserves operation to burn 100M eDAI, so that eDAI < dDAI, which meets the liquidation condition.
On Feb 24, Shata Capital’s EFVault contract was exploited for $5.14M after an upgrade.
Attacker: 0xa0959536560776ef8627da14c6e8c91e2c743a0a
The attacker deposited 0.1 Ether into the EFVault contract 26 days ago to get a certain number of shares.
2/ The project owner upgraded the EFVault contract by proxy before the attack.
After the EFVault contract was upgraded, the initialize function in the new implementation contract could not be called again, making it impossible to initialize the new variables.
3/ Also, the storage layout of the old version was not taken into account, so when the new implementation contract reads the assetDecimal variable, the data read still comes from the proxy contract's storage slot, which holds the value of the old version's maxDeposit variable.
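An added example (not the project's code): a pre-upgrade check that computes Solidity-style storage positions for the old and new implementations and reports every position where the new code would reinterpret bytes written by the old one. Only the names assetDecimal and maxDeposit come from the thread; the other variables, their types and their order are constructed, and only a few value types are modelled.

```python
# Added illustration: storage layout diff for a proxy upgrade (constructed layouts).
SIZES = {"address": 20, "bool": 1, "uint8": 1, "uint256": 32}  # bytes, value types only


def layout(variables):
    """Map (slot, offset) -> (name, type) using Solidity's packing rule:
    a variable starts a new 32-byte slot when it does not fit in the current one."""
    out, slot, offset = {}, 0, 0
    for name, typ in variables:
        size = SIZES[typ]
        if offset + size > 32:
            slot, offset = slot + 1, 0
        out[(slot, offset)] = (name, typ)
        offset += size
    return out


def upgrade_collisions(old_vars, new_vars):
    """List positions whose old variable is not preserved by the new layout."""
    old, new = layout(old_vars), layout(new_vars)
    issues = []
    for pos, (name, typ) in sorted(old.items()):
        got = new.get(pos)
        if got != (name, typ):
            now = "missing" if got is None else f"{got[1]} {got[0]}"
            issues.append((pos, f"{typ} {name}", now))
    return issues


# Constructed layouts: the old version, an upgrade that inserts a variable in the
# middle, and an upgrade that appends it after all existing variables.
OLD = [("asset", "address"), ("maxDeposit", "uint256"), ("maxWithdraw", "uint256")]
NEW_INSERTED = [("asset", "address"), ("assetDecimal", "uint256"),
                ("maxDeposit", "uint256"), ("maxWithdraw", "uint256")]
NEW_APPENDED = OLD + [("assetDecimal", "uint256")]

if __name__ == "__main__":
    for pos, was, now in upgrade_collisions(OLD, NEW_INSERTED):
        print(f"slot {pos[0]} offset {pos[1]}: was {was}, now {now}")
```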
2/ The attacker flashloans 1,363 WBNB and uses 16 of them to swap for 284631626035854 $FDP.
The FDPs are calculated by currentRate before the manipulation. Here rtotal is not reduced and neither the pair nor the attacker is a deflationary exception.
3/ The attacker uses the tAmount to call deliver function, which is to reduce the user-specified tAmount and add it to the fee. The 284631626035854 tAmount FDPs account for 28% of the entire FDP total supply.