The hacker withdrew $ 2.3 million from Templedao

On October 11, the unknown took advantage of the error in the smart contract of the Defi project of the Templedao Defi project and stole 1831 ETH (~ $ 2.3 million) in one of the stake storage facilities. The team promised to return funds to the victims as a result of an attack by users.

🚨 Temple Dao’s https: // t.CO/KQK1DEFPKQ WAS Exploited 1 Hour Ago for a Total Value of $ 2.3M (1.831 ETH).

We have reached out to the Team to Assist and Have Contacted Binance Which The Wallet Was Funded by.

Funds are Pressently on-chain in eth.https: // t.Co/JYeeUYUUW1

– Paladin Blockchain Security (@0xpaladinSec) October 11, 2022

In a series of transactions, the attacker deduced a total of 321 154 XLP tokens, exchanging them for 1,262,438 Frax and 1 418 303 Temple. In the future, he converted the last asset in Frax.

The reason for the exploit was “several abuses” in the functions of Migratestake. It allows users to transfer the placed tokens from an older contract. The attacker caused a function with a fake address, providing access to withdraw all funds from the storage to his wallet instead of a new contract.

“Exploit is one of the most trivial on the scale recently. […] The contract was deployed more than 100 days ago with a vulnerability, which was used only now “, – said in the message of Paladin.

Operations were carried out from an account registered on the Binance. Project representatives contacted the exchange security service.

The developers recommended refraining from depositing funds to Stax contracts.

The team promised a reward to the hacker in the event of a return to them stolen funds.

Other project storage facilities are not affected and are safe. According to Defi Llama, the volume of blocked funds in Templedao is $ 109.8 million.

Recall, on October 11, the unknown deduced $ 1 million from the QanPlatform blockchain platform.

Earlier, Immunefi Bounty Platform experts estimated the loss of Web3 ecosystems from hacks and fraud for the third quarter of 2022 $ 428.7 million.

From the general indicator for hacker attacks, $ 399 million. Most of the losses are associated with two incidents-with the Nomad cross-protocol ($ 190 million) and the Wintermute market maker ($ 160 million).

Read the FORKLOG Bitcoin News in our Telegram-cryptocurrency news, courses and analytics.