Olympus DAO Hacked for 30,000 OHM Worth $300,000, Perpetrator Returns Funds Within Hours

The hacker who exploited an Olympus DAO (OHM) smart contract for $300,000 worth of assets is already returning the stolen funds.

According to blockchain security analytics firm PeckShield, an error in one of Olympus DAO’s smart contract bonds resulted in a $292,000 exploit earlier today.

“It seems the related OlympusDAO’s BondFixedExpiryTeller contract has a redeem() function that does not properly validate the input, resulting in ~$292,000 loss.”

Source: peckshield/Twitter

The Ethereum (ETH) blockchain explorer Etherscan confirmed the exploit.

The Olympus DAO community addressed the hack on their Discord server this morning.

“Dear community, 

This morning, an exploit occurred through which the attacker was able to withdraw roughly 30,000 OHM ($300,000) from the OHM bond contract at Bond Protocol. This bug was not found by three auditors, nor by our internal code review, nor reported via our Immunefi bug bounty. Our phased rollout put only a limited amount of funds at risk and as a result, the total amount exploited is lower than the bug bounty the attacker would have been able to claim through Immunefi. 

We have closed the affected markets and all other funds are safe. We will compensate all affected bonders in full and are exploring how to do this in the best way possible, either through a contract or airdrop. As soon as we have this finalized we will communicate via Discord. 

Additionally, we will do a thorough investigation and the council, together with our development team will come with a report of how this happened and how we will prevent this in the future. We aim to present this to the community during our next community call, November 4th. 

In the meantime, we encourage anyone to log any potential bugs through the Immunefi platform.”

Since then, a spokesperson for Olympus DAO has said that the stolen funds are now returned. Data from Etherscan confirms the return transaction.

Don’t Miss a Beat – Subscribe to get crypto email alerts delivered directly to your inbox

Check Price Action

Follow us on Twitter, Facebook and Telegram

Surf The Daily Hodl Mix

Check Latest News Headlines

&nbsp

Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any loses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.

Featured Image: Shutterstock/DrDrawer

Source: https://dailyhodl.com/2022/10/21/olympus-dao-hacked-for-30000-ohm-worth-300000-perpetrator-returns-funds-within-hours/