Fun

Old Dolomite exchange contract suffers $1.8M loss from approval exploit

News Feed - 2024-03-21 06:03:25

Christopher Roark2 hours agoOld Dolomite exchange contract suffers $1.8M loss from approval exploitThe Ethereum version of Dolomite suffered a $1.8 million exploit, and the team is warning users to revoke approvals for this old address.1076 Total viewsListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksAn old contract previously used by the Dolomite crypto exchange has been exploited for approximately $1.8 million, according to a March 20 report from blockchain security platform CertiK and seen by Cointelegraph. The exploit affected users who previously authorized approvals to the contract, and the development team recommended revoking approvals to the Ethereum Dolomite address that begins with 0xe2466. 


The development team claimed that users who have only interacted with the current version on Arbitrum should not be affected. They have also disabled the faulty contract, which should protect users who have not yet become victims of the attack. Even so, the team argued that users should revoke approvals to this contract.Source: Dolomite


Dolomite is a decentralized exchange and money market protocol that currently runs on Arbitrum and Polygon zkEVM. It originally launched on Ethereum in 2019. The team migrated it to the Arbitrum network in 2022 and gradually phased out support for the Ethereum version. Because of the immutable nature of smart contracts, users can still interact with its Ethereum version using developer tools.


According to the CertiK report, the attacker exploited a function named “callFunction” that allows a user to make any arbitrary calls. This function is guarded by a “noEntry” modifier, which under normal circumstances, should prevent any reentrancy attacks. However, this guard can be bypassed by the TradeManager contract located at 0xe2466, which contains a “call” function that has no reentrancy guard. Thus, the attacker was able to use this contract to drain funds from users, CertiK claimed.


The attacker transferred all of the stolen funds to address 0x5eAA7DadA44d59549A6c58008b2bd3C7F81d2502 and then deposited them into Tornado cash, Certik stated.


Related:ParaSwap evades hack targeting Augustus v6 contract vulnerability


This exploit is one of several that have occurred in March. On March 11, the Unizen protocol on Ethereum lost over $2.1 million due to an approval exploit. In that case, the development team promised to reimburse users as soon as possible. On March 15, Mozaic Finance lost over $2.4 million due to a private key compromise.# Ethereum# Hackers# Cryptocurrency Exchange# Hacks# Decentralized Exchange# DeFi# ArbitrumAdd reactionAdd reactionRead morePrice analysis 3/20: BTC, ETH, BNB, SOL, XRP, ADA, DOGE, AVAX, SHIB, TONSEC pushes deadline on VanEck spot Ether ETF applicationParaSwap evades hack targeting Augustus v6 contract vulnerability

News Feed

Tracker Shows Close to 3,000 Crypto ATMs Were Installed in 2022’s First Quarter
Tracker Shows Close to 3,000 Crypto ATMs Were Installed in 2022"s First Quarter During the last 12 months, there’s been an exponential number of cryptocurrency automated tel
Crypto Exchange Bybit Partners With Innovation Growth Hub to Launch Blockchain Education Program
Crypto Exchange Bybit Partners With Innovation Growth Hub to Launch Blockchain Education Program Bybit has said it is inviting African youths that wish to attend a blockchain educa
Blockstack Will Pay Liquidity Provider GSR to Trade Its STX Token
Blockstack, one of the first blockchain startups to have raised money in a Reg A+ offering, has hired GSR Markets to trade its “stacks” (STX) token. According to an Oct.
LABEL Foundation Integrates With Binance Custody to Offer Cold Storage Support for $LBL Token
LABEL Foundation Integrates With Binance Custody to Offer Cold Storage Support for $LBL Token press release PRESS RELEASE.LABEL Foundationhas announced that it has officially integr
4 crypto price analysis platforms that can improve your trades
Elena Perez10 hours ago4 crypto price analysis platforms that can improve your tradesCrypto analytics platforms can vary widely depending on various factors, including price, investment focus and tracking abilities.1033
Bitcoin.com Wallet Adds DApp Gateway WalletConnect
Bitcoin.com Wallet Adds DApp Gateway WalletConnect TheBitcoin.comTeam is excited to announce support for Ethereum-basedDAppsin theBitcoin.comWallet via WalletConnect. Earn interest
Billionaire Stan Druckenmiller Warns Crypto, Meme Stocks, Bonds Are in a Bubble: ‘This Bubble Is in Everything’
Billionaire Stan Druckenmiller Warns Crypto, Meme Stocks, Bonds Are in a Bubble: "This Bubble Is in Everything" Billionaire investor Stan Druckenmiller has warned that everything i
Brayden Lindrea2 hours agoSEC’s Gensler hints he’s open to a FTX reboot under proper leadership: Report“If Tom or anybody else wanted to be in this field, I would say, ‘Do it within the law,’” SEC Chair Gary
Bitcoin Price Spikes Over 9% as the Crypto Asset’s Value Nears $15K
Bitcoin Price Spikes Over 9% as the Crypto Asset"s Value Nears $15K The crypto economy has jumped over the $400 billion mark and is now hovering around $414 bill
Value Locked in Defi Rebounds — Smart Contract Tokens CPH, LUNA, XCP Lead the Pack
Value Locked in Defi Rebounds — Smart Contract Tokens CPH, LUNA, XCP Lead the Pack The total value locked in decentralized finance (defi) has managed to jump above the $200 billi
Bitcoin To Hit $225,000 By End Of Year, Predicts Venerable US Investment Bank
Este artículo también está disponible en español. In a newly released investor note, one of the oldest US investment banks H.C. Wainwright & Co. —established in 186
XRP $15 Breakout? Not A Far-Fetched Idea—Analysis
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu