On Friday, Ola Finance developers released a post-mortem for Thursday’s re-entrancy attack.
The company released exclusive details about the attack. According to the developers, the attackers implanted a Reentrancy bug in the Fuse network, targeting the vulnerable ERC677 token standard.
The attack was well-planned and successfully exploited 216,964.18 USDC, 550.45 wrapped ether, 1,240,000.00 FUSE, 26.25 wrapped bitcoin, 200,000.00 fUSD, and 507,216.68 BUSD. Adding up to $4.67M based on today’s crypto price.
In response to this deadly attack, Ola finance tweeted:
All projects accept responsibility and ask our communities to focus on the next steps of growth, rather than assigning blame.
— Ola.finance (@ola_finance) March 31, 2022
About Ola finance
Ola finance is a platform that follows decentralized finance (DeFi) protocol to different blockchains including Bitcoin, ETHER, etc.
DeFi protocol is a smart contract to create custom lending networks for blockchains. Anyone can create their own lending network through Ola finance.
What is a Re-entrancy bug?
The Re-entrancy bug exploits the DeFi protocol’s small contract to pocket assets by duplicating calls. This fake call authenticates access to any user’s wallet address through the small contract address.
The reentrancy bug drained out the funds completely through the 515 WETH flash loan in the first transaction. The attackers were able to take out the loan without paying collateral in the second transaction. They used those funds for the next transactions.
They tricked out Voltage Finance’s protocol and easily transferred the funds into their address.
Ola finance is still investigating any faulty tokens that might still exist in the protocol to eradicate any loose ends. While Voltage Finance will crackdown on the attackers and compensate users’ losses.
The platform’s developers said, “We will investigate each token’s “transfer” logic to make sure no problematic token standards are in use.”
If you have really enjoyed reading our news. Then you should dare to leave comments and your feedback in the comment sections. And please share our news in your circles to help us grow.