OMNI an NFT finance platform that lends out cryptocurrency in exchange for staked NFTs – fell victim to a Re-entrancy attack that led to the loss of nearly 1,300 ETH, worth $1.4 million at the time.
Bad Debts because of Bad Code
The project in question lost the funds following a poor faith staking of NFTs from the Doodle collection. In order to execute the attack, the attacker first deposited Doodles as leverage for a loan of wrapped ETH (wETH). Once the loan was confirmed, the hacker was able to draw all Doodles except for one, causing a callback function that voided the debt acquired by buying wETH.
Once these two steps were concluded, the Doodle remaining on the platform was no longer sufficient to cover the debt incurred. The position was then liquidated by the system, returning the last of the Doodles to the exploiter as well.
Also Read, Solana’s Liquidity Protocol CremaFinance Hacked
No prospect for a White Hat Appeal
In the wake of recent attacks on DeFi, newly exploited devs have often created open appeals to those behind the hack, suggesting to consider them as a white-hat event in recovery for most or all of the stolen funds.
In few cases, this turned out nicely, the Optimism exploiter, for example, returned most of the funds after asking for Vitalik Buterin’s advice. The devs at Harmony lately tried the same approach but were summarily neglected as the laundering of the stolen tokens began.
In this issue, the appeal never had a prospect to be made, as the attacker instantly sent his newly appropriated wETH to Tornado, a mixing service that confuses the origin of funds. Due to this capacity, it is often utilized by cybercriminals looking to launder ill-begotten gains.
OMNI Protocol Suspended
The OMNI protocol is still in beta. It has been shut down by the devlopeers in charge, pending audits and security patches. Again, OMNI devs proved that no customer funds were affected by the exploit, suggesting that the stolen wETH were “internal testing funds.”
Unfortunately for the devs and fans of the project, it seems like OMNI will have to stay in beta for time being, that will be longer than previously planned.
Hungry for more information?
NFT Calendar from NFTHi
Check out the Latest NFT News!
For more interesting updates on NFTs, connect with NFTHI on Twitter and Instagram.
Join us on Telegram!
NFTHI does not recommend any kind of Investment in NFTs or NFT trading. All the strategies are merely educational references.
Conduct thorough research before you start with NFT trading.
