After finding loopholes in the smart contract for the rebase project, a malicious entity stole 30,437 OHM tokens from Olympus DAO on Friday, October 21. Peckshield, a blockchain security and data analysis company, revealed that hackers took nearly $300K in OHM tokens.
Hacker Exploits Smart Contract’s ‘BondFixedExpiryTeller’ Parameter, Steals $292,000 in OHM Tokens
After a rise to incredible values at the close of 2021, the Rebase Token Economy has fallen in value after a multitude of issues and controversies. The market value of the top rebase tokens was around $4.99 trillion. Today, it is down 89.49%, at $524 million.
The hack saw approximately $292K worth of OHM tokens stolen from Olympus on October 21.
On Friday, blockchain security firm Peckshield detailed that the hacker found a loophole via the project’s smart contract “BondFixedExpiryTeller” parameter.
“It seems the related Olympus DAO’s BondFixedExpiryTeller contract has a redeem() function that does not properly validate the input, resulting in [a] ~$292K loss,” Peckshield detailed on Friday. Supremacy Inc., a Web3 and blockchain security auditor, confirmed that an attacker used an “arbitrary external calling vulnerability” to siphon 30,437 OHM tokens out of the DAO.
The developers of the Olympus Rebase token project confirmed the loss reports via the Discord channel. The Olympus DAO developers told members of the Discord channel that an exploit had occurred this morning and allowed the attacker to withdraw approximately 30K OHM ($300K) from the OHM bond.
The OHM token (OHM), which is currently trading at just $10 per unit, is down around 1.2% after the hack. Seven-day stats show that OHM is down 3.3%. Year-to-date, OHM has lost 99.9% against the U.S. dollar. On September 19, 2022, the token hit a record low of $9.04 per unit. Today, it is 9.3% higher than its all-time low.
At the end of September, Olympus DAO discussed how the project would eliminate its high annual percentage yield, which had been leveraged to bootstrap OHM’s protocol and initiate OHM’s tokenomics.
Update: Olympus DAO stated the funds have been returned.