Pages:
Author

Topic: Another hack. $1.4 million worth of ETH drained from Omni. - page 2. (Read 240 times)

legendary
Activity: 2394
Merit: 2223
Signature space for rent
Heard first time about this scam. Do you have the source link and can you post it to read more details? I am wondering who will use this platform when it has been hacked during the beta test? Although they are saying none of the customer funds were affected but the customer will be afraid now. Behind most hack, someone from the inside is involved who knows better about codes. So they should investigate it deeply and increase security protocol.
sr. member
Activity: 672
Merit: 273
~snip~
you are right investors does not have access to the smart contract source code and that is where most of the hack start from, that is why I mentioned in my earlier comment on the centralized nature and the disadvantages of the open-source software network the developers always hold the keys and the can either exploit that window un a negative manner or leave it open so that other hacker can easily access and exploit such widows.
legendary
Activity: 2660
Merit: 1261
-snip-
Here the things you should know.

Most of hacked are from the smart contract and from the platform of the project. So, the one thing you should be aware is not the "decentralized" but the platform and security of smart-contract. Even you're carefully choosing the platform.

You cannot test the security & smart-contract by your self, since we don't have any knowledge.
full member
Activity: 854
Merit: 130
Omni, an NFT platform was hacked for about 1,300 ETH. The hacker utilized a reentrancy vulnerability, a known exploit in smart contracts using Solidity in the Omni Protocol,

For an attack, the hacker used NFTs from a collection called Doodles, he deposited NFTs and took wrapped Ethereum as collateral, then utilized a malicious callback function to frontrun buying more Doodle NFTs before liquidating his loan position.

Once the position was closed, the collateral was returned back to the attacker, so he had a remaining amount of borrowed money to buy even more NFTs, then the hacker used the newly acquired NFTs to borrow, even more, WETH, and could withdraw the loan before Omni's smart contract recognized the loan.

The hack drained more than 1,300 ETH from the protocol, however, Omni said that none of the customer funds were affected, as the platform uses its fund in a test mode since it's still considered a beta.
The level at which this manipulators and hackers are going this year crypto market is going to have the worst time in history.I think we are not mature enough for this web3. A lot has happened this year from Luna to cel and blok we have this same story. It is sad and I strongly believe that is why the market is strongly bearish this year. However, thank God customers funds are not affected.
sr. member
Activity: 672
Merit: 273
There have been one and several NFT hacks being reported lately and what I will advise is don't trust those network that claims to be 100% decentralized mean while the developer still has a strong influence on the security and they can change the protocol. Thousands of ethereum have been stolen through the NFTs network and this is raising a lot of concern most especially among the investor, so newcomers can be warned.
newbie
Activity: 4
Merit: 0
Omni, an NFT platform was hacked for about 1,300 ETH. The hacker utilized a reentrancy vulnerability, a known exploit in smart contracts using Solidity in the Omni Protocol,

For an attack, the hacker used NFTs from a collection called Doodles, he deposited NFTs and took wrapped Ethereum as collateral, then utilized a malicious callback function to frontrun buying more Doodle NFTs before liquidating his loan position.

Once the position was closed, the collateral was returned back to the attacker, so he had a remaining amount of borrowed money to buy even more NFTs, then the hacker used the newly acquired NFTs to borrow, even more, WETH, and could withdraw the loan before Omni's smart contract recognized the loan.

The hack drained more than 1,300 ETH from the protocol, however, Omni said that none of the customer funds were affected, as the platform uses its fund in a test mode since it's still considered a beta.
Pages:
Jump to: