NFT money market OMNI suffered a “reentrancy” attack in the beta version of its protocol. The attacker stole 1,300 Ethereum from internal test funds. Here are the details…
NFT protocol suffered hack attack: Ethereum stolen
NFT protocol OMNI suffered an attack. But only internal test funds were stolen. No user’s funds were affected. The incident occurred on July 10. OMNI was quick to point out that the protocol is still in beta and only internal testing funds are affected. The team suspended protocol. Then, he began to investigate the cause of the attack. PeckShield later said it looked like a re-login hack. Blockchain security company BlockSec also said that NFT was deposited on the platform from the Doodles collection in the attack. wETHs were used as collateral in this transaction.
Crypto security firm BlockSec later detailed the attack, saying that the attack on the protocol was “due to the old-fashioned re-entry of onERC721Received.” It also later highlighted vulnerabilities in smart contracts, showing that the attacker used NFT to borrow ETH. Borrowed ETH turned into bad debt with no payment required.
The team has yet to provide a comprehensive autopsy of the attack, which usually follows an attack. They’re just lucky that their internal testing funds were stolen. The DeFi and NFT space has been subject to various attacks where bad actors have smuggled hundreds of millions of dollars. OMNI is an NFT financialization protocol, an NFT money market that provides lending and borrowing services. Users can lend NFTs and other ERC-20 tokens to earn interest. Assets can also be used as collateral to borrow assets.
Attacks continue to plague the NFT domain
While the NFT space has slowed in terms of sales, it remains one of the most active sectors in the crypto market. This has made it a prime target for hackers trying to find exploits where they can and get rid of funds. Few such incidents have occurred this year alone. As we reported as Kriptokoin.com, an NFT loan pool XCarnival lost about $4 million in a hack. However, the hacker accepted the 1,500 ETH reward. Bored Ape Yacht Club has also suffered multiple attacks, including phishing attempts targeting Discord and other social media platforms.
The most notable hack in this area was Ronin Bridge, which stole over $600 million. Analysts believe North Korean hackers are behind the incident. But with the recent market crash, North Korea has seen the value of stolen crypto plummet to a much smaller amount.
Contact us to be instantly informed about the last minute developments. twitter‘in, Facebookin and InstagramFollow and Telegram and YouTube join our channel!
Disclaimer: The articles and articles on Kriptokoin.com do not constitute investment advice. Cryptokoin.com does not recommend buying or selling any cryptocurrencies or digital assets, nor is Kriptokoin.com an investment advisor. For this reason, Kriptokoin.com and the authors of the articles on the site cannot be held responsible for your investment decisions. Readers should do their own research before taking any action regarding the company, asset or service in this article.
Warning: Citing the news content of Kriptokoin.com and quoting by giving a link is subject to the permission of Kriptokoin.com. No content on the site can be copied, reproduced or published on any platform without permission. Legal action will be taken against those who use the code, design, text, graphics and all other content of Kriptokoin.com in violation of intellectual property law and relevant legislation.