NFT Platform OMNI loses about 1,300 ETH following a Re-entrancy Attack Hack

OMNI an NFT finance platform that lends out cryptocurrency in exchange for staked NFTs – fell victim to a Re-entrancy attack that led to the loss of nearly 1,300 ETH, worth $1.4 million at the time.

omni-nft-platform-hack-1300-eth

Bad Debts because of Bad Code

The project in question lost the funds following a poor faith staking of NFTs from the Doodle collection. In order to execute the attack, the attacker first deposited Doodles as leverage for a loan of wrapped ETH (wETH). Once the loan was confirmed, the hacker was able to draw all Doodles except for one, causing a callback function that voided the debt acquired by buying wETH.

Once these two steps were concluded, the Doodle remaining on the platform was no longer sufficient to cover the debt incurred. The position was then liquidated by the system, returning the last of the Doodles to the exploiter as well.

Also Read, Solana’s Liquidity Protocol CremaFinance Hacked

No prospect for a White Hat Appeal

In the wake of recent attacks on DeFi, newly exploited devs have often created open appeals to those behind the hack, suggesting to consider them as a white-hat event in recovery for most or all of the stolen funds.

In few cases, this turned out nicely, the Optimism exploiter, for example, returned most of the funds after asking for Vitalik Buterin’s advice. The devs at Harmony lately tried the same approach but were summarily neglected as the laundering of the stolen tokens began.

In this issue, the appeal never had a prospect to be made, as the attacker instantly sent his newly appropriated wETH to Tornado, a mixing service that confuses the origin of funds. Due to this capacity, it is often utilized by cybercriminals looking to launder ill-begotten gains.

OMNI Protocol Suspended

The OMNI protocol is still in beta. It has been shut down by the devlopeers in charge, pending audits and security patches. Again, OMNI devs proved that no customer funds were affected by the exploit, suggesting that the stolen wETH were “internal testing funds.”

Unfortunately for the devs and fans of the project, it seems like OMNI will have to stay in beta for time being, that will be longer than previously planned.


Hungry for more information?

NFT Calendar from NFTHi

Check out the Latest NFT News!

For more interesting updates on NFTs, connect with NFTHI on Twitter and Instagram.

Join us on Telegram!


NFTHI does not recommend any kind of Investment in NFTs or NFT trading. All the strategies are merely educational references.

Conduct thorough research before you start with NFT trading.

Share This Post

Related Posts

Polygon’s new big reveal is ‘zkEVM’, a Scaling Solution

When it comes to scaling Ethereum, Polygon has taken...

Xbox CEO says they are “cautious” about Play to Earn

Phil Spencer, the head of Microsoft’s Xbox gaming company...

Atlanta Braves Reveal a Metaverse Truist Park

Soon Braves fans will be able to meet up...

Quentin Tarantino’s Pulp Fiction NFT Lawsuit is finally Settled

In a surprising lawsuit in November last year, Miramax...

BitMEX Executive Pleads guilty to breaching Bank Secrecy Act

On Monday, the United States Attorney for the Southern...

CEO of JPMorgan’s Blockchain Unit: Crypto is Junk

Umar Farooq, CEO of JPMorgan’s blockchain unit, thinks that...
spot_img