Another weekend does not pass without an attack on a project from the space of decentralized finance. This time the victim was ForceDAO, a profitable farming service.
The problem was the incorrect verification of the call of certain functions in the smart contract. In particular, anyone could call the function of making a deposit, even without having FORCE tokens. With the help of the intermediate xFORCE tokens obtained from the smart contract, it was possible to withdraw real tokens.
In total, at least three hackers managed to exploit the vulnerability. One of them, who first discovered the problem, acted in good faith and saved 15.8 million FORCE. The other two turned out to be malefactors. The first managed to withdraw 298,000 FORCE and exchange them for 42 ETH ($ 85,000), and the second – 4.1 million FORCE. Considering the fall in the rate and liquidity by this time, he managed to gain only 80 ETH ($ 163,000). Currently, there is no liquidity in the FORCE pool on the Uniswap decentralized exchange, that is, transactions with the token are not possible.
As analyst Igor Igamberdiev notes, the hackers were in too much of a hurry and used the addresses from which in the past they transferred cryptocurrency to exchange accounts. This gives reason to hope for their discovery and return of assets.
More doubtful are the prospects for a quick recovery in the price of the token itself. FORCE started trading the night before yesterday and peaked at $ 2.30 before the exploit, but quickly dropped to $ 0.17.
Polymath Network developer Mudit Gupta also states that this is a known Ethereum smart contract bug and concludes that ForceDAO contracts have almost certainly not been verified by security experts.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
