This time, one of the decentralized autonomous organizations (DAO) was targeted in the cryptocurrency market. According to security firm CertiK, FriesDAO’s wallet has been hacked. CertiK says the damage in the altcoin hack incident was $2.3 million. The DAO team created the distributor wallet with an insecure tool called Profanity.
This time, the hacked altcoin project was FriesDAO.
An unknown attacker stole $2.3 million in tokens from a decentralized autonomous organization called FriesDAO. October is a particularly bad month for crypto projects. This attack also came amid a series of attacks and abuses this month.
The hack started when the hacker took control of FriesDAO’s ‘distributor wallet’. The attacker then took control and transferred a large amount of FRIES, the project’s management tokens. The perpetrator also exploited their access to the issuer wallet by draining other tokens from a stake pool. Security firm CertiK estimates that the stolen tokens were sold for $2.3 million in stablecoins held at the hacker’s address. FriesDAO informed users of the hack:
We noticed that the redemption distribution contract was exploited and managed to get FRIES tokens which were then returned for USDC and sold to the Uniswap pool.
CertiK: It was possible to prevent this attack
The dev team created FriesDAO’s distributor wallet using Profanity. It is a known fact that Profanity contains a critical vulnerability. cryptocoin.comLast month, security analysts at 1inch found that private keys of private addresses generated through Profanity can be calculated by malicious hackers to steal funds. After 1inch, hackers exploited the vulnerability to steal $160 million worth of crypto assets from market maker Wintermute.
FriesDAO also considered it safe to Profanity to generate the distributor wallet address. According to CertiK, due to the vulnerability, the hacker extracted the private key of the wallet to move the funds out. The security firm said FriesDAO’s exploit could have been avoided if the team had been more diligent and had changed the address of the deployer in time. CertiK underlined the following in a statement regarding the attack:
It was possible to prevent this attack. Because the Profanity vulnerability has been known to everyone for over a month. CertiK calls on all Web3 projects that use the Profanity tool to instantly transfer control of assets held in affected wallets to securely generated addresses.
Contact us to be instantly informed about the last minute developments. twitter‘in, Facebookin and InstagramFollow and Telegram and YouTube join our channel!
Risk Disclosure: The articles and articles on Kriptokoin.com do not constitute investment advice. Bitcoin and cryptocurrencies are high-risk assets, and you should do your due diligence and do your own research before investing in these currencies. You can lose some or all of your money by investing in Bitcoin and cryptocurrencies. Remember that your transfers and transactions are at your own risk and any losses that may occur are your responsibility. Cryptokoin.com does not recommend buying or selling any cryptocurrencies or digital assets, nor is Kriptokoin.com an investment advisor. For this reason, Kriptokoin.com and the authors of the articles on the site cannot be held responsible for your investment decisions. Readers should do their own research before taking any action regarding the company, assets or services in this article.
Disclaimer: Advertisements on Kriptokoin.com are carried out through third-party advertising channels. In addition, Kriptokoin.com also includes sponsored articles and press releases on its site. For this reason, advertising links directed from Kriptokoin.com are on the site completely independent of Kriptokoin.com’s approval, and visits and pop-ups directed by advertising links are the responsibility of the user. The advertisements on Kriptokoin.com and the pages directed by the links in the sponsored articles do not bind Kriptokoin.com in any way.
Warning: Citing the news content of Kriptokoin.com and quoting by giving a link is subject to the permission of Kriptokoin.com. No content on the site can be copied, reproduced or published on any platform without permission. Legal action will be taken against those who use the code, design, text, graphics and all other content of Kriptokoin.com in violation of intellectual property law and relevant legislation.