vEmpire-DDAO (OP)
Newbie
 Offline
Activity: 4
Merit: 0
|
 |
July 12, 2022, 05:38:25 PM |
|
Omni, an NFT platform was hacked for about 1,300 ETH. The hacker utilized a reentrancy vulnerability, a known exploit in smart contracts using Solidity in the Omni Protocol,
For an attack, the hacker used NFTs from a collection called Doodles, he deposited NFTs and took wrapped Ethereum as collateral, then utilized a malicious callback function to frontrun buying more Doodle NFTs before liquidating his loan position.
Once the position was closed, the collateral was returned back to the attacker, so he had a remaining amount of borrowed money to buy even more NFTs, then the hacker used the newly acquired NFTs to borrow, even more, WETH, and could withdraw the loan before Omni's smart contract recognized the loan.
The hack drained more than 1,300 ETH from the protocol, however, Omni said that none of the customer funds were affected, as the platform uses its fund in a test mode since it's still considered a beta.
|
|
|
|
|
|
Piesel
|
|
July 12, 2022, 06:01:42 PM |
|
There have been one and several NFT hacks being reported lately and what I will advise is don't trust those network that claims to be 100% decentralized mean while the developer still has a strong influence on the security and they can change the protocol. Thousands of ethereum have been stolen through the NFTs network and this is raising a lot of concern most especially among the investor, so newcomers can be warned.
|
|
|
|
|
|
Tellek Garing
|
|
July 12, 2022, 07:22:07 PM |
|
Omni, an NFT platform was hacked for about 1,300 ETH. The hacker utilized a reentrancy vulnerability, a known exploit in smart contracts using Solidity in the Omni Protocol,
For an attack, the hacker used NFTs from a collection called Doodles, he deposited NFTs and took wrapped Ethereum as collateral, then utilized a malicious callback function to frontrun buying more Doodle NFTs before liquidating his loan position.
Once the position was closed, the collateral was returned back to the attacker, so he had a remaining amount of borrowed money to buy even more NFTs, then the hacker used the newly acquired NFTs to borrow, even more, WETH, and could withdraw the loan before Omni's smart contract recognized the loan.
The hack drained more than 1,300 ETH from the protocol, however, Omni said that none of the customer funds were affected, as the platform uses its fund in a test mode since it's still considered a beta.
The level at which this manipulators and hackers are going this year crypto market is going to have the worst time in history.I think we are not mature enough for this web3. A lot has happened this year from Luna to cel and blok we have this same story. It is sad and I strongly believe that is why the market is strongly bearish this year. However, thank God customers funds are not affected. |
|
|
|
|
ryzaadit
Legendary
Offline
Activity: 2618
Merit: 1254
|
|
July 12, 2022, 08:16:28 PM |
|
-snip-
Here the things you should know. Most of hacked are from the smart contract and from the platform of the project. So, the one thing you should be aware is not the "decentralized" but the platform and security of smart-contract. Even you're carefully choosing the platform. You cannot test the security & smart-contract by your self, since we don't have any knowledge. |
|
|
|
|
Piesel
|
|
July 12, 2022, 08:22:49 PM |
|
~snip~
you are right investors does not have access to the smart contract source code and that is where most of the hack start from, that is why I mentioned in my earlier comment on the centralized nature and the disadvantages of the open-source software network the developers always hold the keys and the can either exploit that window un a negative manner or leave it open so that other hacker can easily access and exploit such widows. |
|
|
|
|
The Cryptovator
Legendary
Offline
Activity: 2366
Merit: 2217
Signature space for rent
|
|
July 12, 2022, 08:29:57 PM |
|
Heard first time about this scam. Do you have the source link and can you post it to read more details? I am wondering who will use this platform when it has been hacked during the beta test? Although they are saying none of the customer funds were affected but the customer will be afraid now. Behind most hack, someone from the inside is involved who knows better about codes. So they should investigate it deeply and increase security protocol.
|
Signature Space for Rent
|
|
|
|
zonefloor
|
|
July 12, 2022, 09:45:38 PM |
|
You did not specify any source. Did this event really happen? Apart from that, hack attacks have started to increase in recent times. Whenever the markets start to transition into the bear season, such hacking incidents always start to come to the fore. In these cases, it always raises question marks in my mind. I think that these hacking attacks are done together with the team. Because I've been trading in the cryptocurrency market for years and when things are getting better, hacks like this never happen. But when projects start to lose money, such incidents come to light.
|
|
|
|
|
|
|
|
Dave1
|
|
July 13, 2022, 03:00:19 AM |
|
And that is the big question, no customer has been affected? So what did the hacker hack then? They won't just strike to anything that it will not yield anything to them. So I'm just confused in the beginning as there are no customers who lost their money. But if it is true then good for them, but still if this hacks makes the newsroom, someone should have lost their ETH already. And it seems that the hackers activity have been ramping up because it's going to be easy money for them. |
|
█▄ | R |
▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀ | LLBIT | ▀█ |
THE #1 SOLANA CASINO | ████████████▄
▀▀██████▀▀███
██▄▄▀▀▄▄█████
█████████████
█████████████
███▀█████████
▀▄▄██████████
█████████████
█████████████
█████████████
█████████████
█████████████
████████████▀ | ████████████▄
▀▀▀▀▀▀▀██████
█████████████
▄████████████
██▄██████████
████▄████████
█████████████
█░▀▀█████████
▀▀███████████
█████▄███████
████▀▄▀██████
▄▄▄▄▄▄▄██████
████████████▀ | ........5,000+........
GAMES
......INSTANT......
WITHDRAWALS | ..........HUGE..........
REWARDS
............VIP............
PROGRAM | .
PLAY NOW |
|
|
|
BlackBaron
Sr. Member
Offline
Activity: 643
Merit: 263
#SWGT PRE-SALE IS LIVE
|
|
July 13, 2022, 03:19:39 AM |
|
Omni, an NFT platform was hacked for about 1,300 ETH. The hacker utilized a reentrancy vulnerability, a known exploit in smart contracts using Solidity in the Omni Protocol,
This if i'm not mistaken it's already the 10th, i saw the NFT platform being hacked, is this a disaster or the end of people selling photos of themselves or photos of monkeys with big glasses. I once saw in the profile of one of the NFT participants, he saved around 1200 ETH, from selling NFT, I think the NFT platform is no longer safe for its users, this might be an easy target for hackers. |
.SWG.io. | |
●
●
●
●
●
● | | | |
●
●
●
●
●
● | |
█▀▀▀
█
█
█
█
█
█
█
█
█
█
█▄▄▄
| |
▀▀▀█
█
█
█
█
█
█
█
█
█
█
▄▄▄█
| |
●
●
●
●
●
● | |
█▀▀▀
█
█
█
█
█
█
█
█
█
█
█▄▄▄
| |
▀▀▀█
█
█
█
█
█
█
█
█
█
█
▄▄▄█
| |
●
●
●
●
●
● | | | | |
4.45 | |
●
●
●
●
●
● | | | | |
|
|
|
cryptoaddictchie
Legendary
Offline
Activity: 2226
Merit: 1375
Fully Regulated Crypto Casino
|
|
July 13, 2022, 06:34:29 AM |
|
This if i'm not mistaken it's already the 10th, i saw the NFT platform being hacked, is this a disaster or the end of people selling photos of themselves or photos of monkeys with big glasses.
If thats already the number of incident then users should think already of leaving the platform or any associated activity with it. Problem now in this time are those hackers were able to exploit such weak code and security. Its on the part of the platform why this happened. Maybe they are careless and dont put much attention on the security aspect of their own platform. Well newbies will become victim if they dont study first what they are going or investing through. |
|
CHIPS.GG | | | ▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
▄███▀░▄░▀▀▀▀▀░▄░▀███▄
▄███░▄▀░░░░░░░░░▀▄░███▄
▄███░▄░░░▄█████▄░░░▄░███▄
███░▄▀░░░███████░░░▀▄░███
███░█░░░▀▀▀▀▀░░░▀░░░█░███
███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░███
▀███░▀░▀▄██▀░▀██▄▀░▀░███▀
▀███░▀▄░░░░░░░░░▄▀░███▀
▀███▄░▀░▄▄▄▄▄░▀░▄███▀
▀████▄▄▄▄▄▄▄████▀
█████████████████████████ | | ▄▄███████▄▄
▄███████████████▄
▄█▀▀▀▄█████████▄▀▀▀█▄
▄██████▀▄█▄▄▄█▄▀██████▄
▄████████▄█████▄████████▄
████████▄███████▄████████
███████▄█████████▄███████
███▄▄▀▀█▀▀█████▀▀█▀▀▄▄███
▀█████████▀▀██▀█████████▀
▀█████████████████████▀
▀███████████████████▀
▀████▄▄███▄▄████▀
████████████████████████ | | 3000+
UNIQUE
GAMES | | | 12+
CURRENCIES
ACCEPTED | | | VIP
REWARD
PROGRAM | |
◥ |
Play Now |
|
|
|
|
antsam
|
|
July 13, 2022, 08:50:57 AM |
|
It's terrible if this is true, it shows that the security of the crypto world is still vulnerable that must continue to be tested. There is a lot of theft going on in the crypto world which is hard to uncover, but it is a process towards the maturity of the platform with its security
|
|
|
|
|
DeathAngel
Legendary
Offline
Activity: 3262
Merit: 1614
#1 VIP Crypto Casino
|
|
July 13, 2022, 09:57:04 AM |
|
It’s nothing we haven’t seen before. People have been stealing money from organisations for centuries. A vulnerability was found & the funds were drained, this isn’t a reason for some mainstream news FUD though. The fiat banking system has had worse things than this for years.
|
|
|
|
|
yazher
|
|
July 13, 2022, 11:45:34 AM |
|
I don't understand how the hack works but it seems like the users are not affected by such evil acts which might cause them a fortune if ever they become a victim. Luckily no one got their money stolen except Omni which is they really need to tighten its security and hire some expert to block those hackers from infiltrating their system. This might just be some easy matters to them but for the investors, this is an indication that they don't deserve their trust they really need to fix their system first before they fully open their product to the investors.
|
|
|
|
TastyChillySauce00
Legendary
Offline
Activity: 3136
Merit: 1037
Leading Crypto Sports Betting & Casino Platform
|
|
July 13, 2022, 12:01:56 PM |
|
That sounds like the team wants to make the users feel confidence but i do believe if that would be a big lie if the team was saying like that if the funds were not getting affected. It seems like that the hacked is still even smarter than the whole of the team. This loophole has been making people are feeling worry with their money.
I will not believe if the users will still feel confidence to use the platform anymore. I meant if you must also aware that if 1,4 millions USD were a lot.
So, what will be happening with this platform then? The team is the party who knows about the truth. That's pretty much the same like when another defi was getting hacked but at the end if was getting closed down.
|
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
|
icalical
|
|
July 13, 2022, 01:47:25 PM |
|
Omni, an NFT platform was hacked for about 1,300 ETH. The hacker utilized a reentrancy vulnerability, a known exploit in smart contracts using Solidity in the Omni Protocol,
For an attack, the hacker used NFTs from a collection called Doodles, he deposited NFTs and took wrapped Ethereum as collateral, then utilized a malicious callback function to frontrun buying more Doodle NFTs before liquidating his loan position.
Once the position was closed, the collateral was returned back to the attacker, so he had a remaining amount of borrowed money to buy even more NFTs, then the hacker used the newly acquired NFTs to borrow, even more, WETH, and could withdraw the loan before Omni's smart contract recognized the loan.
The hack drained more than 1,300 ETH from the protocol, however, Omni said that none of the customer funds were affected, as the platform uses its fund in a test mode since it's still considered a beta.
A really really bad news when the market just started to slowly recover, Omni is not small platform, and $1.4 million is not small amount. Even though Omni said that the user money is not affected, the use still now that Omni system is vulnerable, and usually the hacker will cash-out their ETH very soon, it will also affect the crypto market in general. |
|
|
|
|
Piesel
|
|
July 13, 2022, 07:46:56 PM |
|
It's terrible if this is true, it shows that the security of the crypto world is still vulnerable that must continue to be tested. There is a lot of theft going on in the crypto world which is hard to uncover, but it is a process towards the maturity of the platform with its security
We have seen so many similar hacking incidents in the cryptocurrency industry, and Omni is a big platform that has so much reserve this hacking news is a devastating one, and at this point even though the Omni team has said that clients funds are safe but this raised a lot of concerns. |
|
|
|
|
|
livingfree
|
|
July 13, 2022, 07:50:27 PM |
|
And that is the big question, no customer has been affected? So what did the hacker hack then? They won't just strike to anything that it will not yield anything to them. So I'm just confused in the beginning as there are no customers who lost their money. But if it is true then good for them, but still if this hacks makes the newsroom, someone should have lost their ETH already. And it seems that the hackers activity have been ramping up because it's going to be easy money for them. That's why I'm hoping that they're telling the truth because that will literally make their customers panic if they say that funds are affected. This is like a psychological guarantee so that customers won't think of that much worry. Anyway, let's give the benefit of the doubt despite the huge amount involved. Binance gone through the same problem before but they've got the safu mechanism so maybe, they're the same. |
|
|
|
hugeblack
Legendary
Offline
Activity: 2660
Merit: 3919
|
|
July 13, 2022, 08:06:06 PM |
|
The hack drained more than 1,300 ETH from the protocol, however, Omni said that none of the customer funds were affected, as the platform uses its fund in a test mode since it's still considered a beta.
What do you mean by “test mode” and you were talking about “user money” before that. It is the first time I hear about this platform and I thought it was an Omi layer, but if the money is for testing, then this is not a hack or it is real ether (tCOIN,) and therefore either the platform compensated from its resources or they were making a huge profit. anyway it is hard to find a critical vulnerability in smart contract which may open door for inside hacker |
|
|
|
serjent05
Legendary
Offline
Activity: 2996
Merit: 1280
Hire Bitcointalk Camp. Manager @ r7promotions.com
|
|
July 13, 2022, 11:00:52 PM |
|
The hack drained more than 1,300 ETH from the protocol, however, Omni said that none of the customer funds were affected, as the platform uses its fund in a test mode since it's still considered a beta.
What do you mean by “test mode” and you were talking about “user money” before that. It is the first time I hear about this platform and I thought it was an Omi layer, but if the money is for testing, then this is not a hack or it is real ether (tCOIN,) and therefore either the platform compensated from its resources or they were making a huge profit. anyway it is hard to find a critical vulnerability in smart contract which may open door for inside hacker It is clearly stated that the funds drained by the hacker are from OMNI and not their customer. It is a good thing that OMNI tested the application first with their own fund than their client. But still, I am wondering how does the hacker drained the ETH while OMNI is performing the test. How can a hacker sync his activity with OMNI developer.. kinda suspicious to me. |
|
|
|
|
