DeFiGeek Community JAPAN - Hack Analysis (Apr 17, 2023)


    Introduction

    The DeFiGeek Community (DFGC), established in February 2021, is a diverse and growing group dedicated to the development of decentralized finance (DeFi) applications and middleware that contribute to the Web3 era. With a membership that includes developers and enthusiasts alike, DFGC aims to create a hub for sharing accurate industry information and fostering collaboration. Among its projects are the Yamato Protocol, a crypto-backed stablecoin pegged to the Japanese yen (JPY), and the planned Yorozu, a peer-to-peer lending Dapp. As the community works towards becoming a decentralized autonomous organization (DAO), it emphasizes fluidity and the elimination of authority to allow for independent leadership and innovation.

    Hack Impact

    On Apr 17, 2023, the DeFiGeek Community fell victim to a security breach in which an attacker used a flash loan to exploit a vulnerability in the DeFiGeek Community Pool Dai (fDAI-102), causing the loss of 10 ETH (valued at over $20,000). The community has committed to covering the lost funds from its treasury, limiting the financial impact on its members.

    Transactions Involved

    Attack Tx hash: 0xa32c84ad09369880dfbdf01bcacc2de632ab8c49d97c33ef695fd0

    Attacker address: 0xDBDf5f801da11d65fE9B1D449CBEd6EBE2f04Fd3  

    Attack Contract: 0x0c845a1062f94d475c8303ece4908ca2bf98001f

    DeFiGeek Community Pool Dai (fDAI-102): 0x08b86e750ff8c816d8af


    Fund's Flow

    [Figure: fund flow diagram]

    Hack Explained: A Technical Breakdown

    Obtain a flash loan

    The attacker took out a flash loan from Balancer: Vault, acquiring a large amount of DAI (30,000,000 DAI) to exploit the DeFiGeek Community Pool vulnerability.


    Interaction with the DeFiGeek protocol

    The attacker started interacting with the DeFiGeek protocol, sending 10M DAI to the protocol and receiving 50M fDAI-1 tokens in return, potentially manipulating the exchange rate between DAI and fDAI-1.


    Further manipulation of token balances

    The attacker continued to send DAI and fDAI-1 tokens back and forth between their own address and the DeFiGeek protocol, potentially exploiting the vulnerability in the protocol to skew the exchange rate further in their favor. This included sending approximately 10M DAI and 50M fDAI-1 back to the protocol, and receiving approximately 10M DAI in return.

    Trading on Uniswap

    The attacker traded 10.03 WETH ($19,497.88) on Uniswap V2, obtaining 20,636.13 DAI ($20,636.13).

    Profit extraction

    With the manipulated exchange rate now in their favor, the attacker likely used their acquired fDAI-1 tokens to withdraw more DAI than they had initially deposited.

    Repay the flash loan

    The attacker returned the initial 30,000,000 DAI to Balancer: Vault, closing the loop on the flash loan. The attacker made a profit of 10 ETH, worth more than $20,000 at the time of the attack.

    Smart Contract Flaw

    The contract contained a vulnerability that allowed an attacker to exploit the system for profit. The flaw was related to improper handling of the collateral factor (CF) and borrow cap, which the attacker took advantage of by borrowing a large amount of funds and interacting with the protocol in a specific sequence. This enabled the attacker to manipulate the exchange rate between DAI and fDAI-1 tokens, ultimately making a profit at the expense of the protocol.

    In response to the attack, DeFiGeek initially set a zero supply cap for the unused token pool, but this measure was insufficient to prevent the exploit. To fully mitigate the vulnerability and prevent similar attacks in the future, DeFiGeek set the collateral factor (CF) and borrow cap to zero for the unused token pool. This disables the ability to use the problematic asset for borrowing or as collateral, eliminating the possibility of an attacker exploiting the same flaw again. By setting the CF and borrow cap to zero, DeFiGeek secures the protocol against similar attacks and protects its users' funds.
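    To make the fix concrete, the following is an added example (written for this page, not code from DeFiGeek Community, its pools, or BlockApex) of a minimal Compound-style lending market. It shows why any error in the fToken exchange rate flows directly into borrow power, and how setting the collateral factor and borrow cap to zero on an unused market closes both the "borrow against it" and "borrow from it" paths. All names, numbers, and the convention that a borrow cap of zero means "no borrowing" are assumptions made for illustration; the initial rate of 0.2 DAI per fToken is chosen only to match the 10M DAI to 50M fDAI-1 ratio quoted above.

```python
# Added example, not DeFiGeek Community code: a minimal Compound-style market
# model. Every name, number and the borrow-cap convention is constructed here.
from dataclasses import dataclass, field

SCALE = 10**18             # fixed-point scale for the exchange rate
INITIAL_RATE = SCALE // 5  # 0.2 DAI per fToken; matches the 10M DAI -> 50M fDAI-1 ratio (constructed)


@dataclass
class Market:
    cash: int = 0                      # underlying DAI held by the market
    borrows: int = 0                   # underlying currently lent out
    reserves: int = 0                  # protocol reserves, excluded from the rate
    total_supply: int = 0              # fTokens in circulation
    collateral_factor_bps: int = 7500  # 75% of collateral value is borrowable
    borrow_cap: int = 10**9 * SCALE    # assumption: a cap of 0 means "no borrowing at all"
    balances: dict = field(default_factory=dict)

    def exchange_rate(self) -> int:
        """Underlying per fToken (scaled). An empty market uses a fixed initial
        rate; once tokens exist the rate is derived from the market's balances."""
        if self.total_supply == 0:
            return INITIAL_RATE
        return (self.cash + self.borrows - self.reserves) * SCALE // self.total_supply

    def mint(self, user: str, amount: int) -> int:
        """Deposit `amount` underlying and receive fTokens at the current rate."""
        minted = amount * SCALE // self.exchange_rate()
        self.cash += amount
        self.total_supply += minted
        self.balances[user] = self.balances.get(user, 0) + minted
        return minted

    def redeem(self, user: str, tokens: int) -> int:
        """Burn fTokens and receive underlying at the current rate."""
        if self.balances.get(user, 0) < tokens:
            raise ValueError("insufficient fTokens")
        out = tokens * self.exchange_rate() // SCALE
        if out > self.cash:
            raise ValueError("insufficient cash")
        self.balances[user] -= tokens
        self.total_supply -= tokens
        self.cash -= out
        return out

    def borrow_power(self, user: str) -> int:
        """Underlying value a user may borrow against their fTokens. Any error
        in exchange_rate() is multiplied straight into this number."""
        value = self.balances.get(user, 0) * self.exchange_rate() // SCALE
        return value * self.collateral_factor_bps // 10_000

    def borrow_allowed(self, amount: int) -> bool:
        """Borrow-cap gate; a cap of zero disables borrowing from this market."""
        if self.borrow_cap == 0:
            return False
        return self.borrows + amount <= self.borrow_cap

    def disable(self) -> None:
        """The fix described above: CF = 0 and borrow cap = 0, so the market can
        neither back a loan nor be borrowed from."""
        self.collateral_factor_bps = 0
        self.borrow_cap = 0


def rate_drift_bps(before: int, after: int) -> int:
    """Relative change of the exchange rate in basis points. Within a single
    transaction the rate should only move by accrued interest, so a large
    value here is a useful alert condition."""
    return abs(after - before) * 10_000 // before


def demo() -> dict:
    m = Market()
    r0 = m.exchange_rate()
    ftokens = m.mint("depositor", 10_000_000 * SCALE)  # 10M DAI into an unused market
    power_before = m.borrow_power("depositor")
    allowed_before = m.borrow_allowed(1_000_000 * SCALE)
    m.disable()
    return {
        "ftokens": ftokens,
        "rate_drift_bps": rate_drift_bps(r0, m.exchange_rate()),
        "power_before": power_before,
        "allowed_before": allowed_before,
        "power_after": m.borrow_power("depositor"),
        "allowed_after": m.borrow_allowed(1),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

    With the default settings a 10M DAI deposit into the empty market yields 50M fTokens and 7.5M DAI of borrow power at a 75% collateral factor; after `disable()` the same holder has zero borrow power and no borrow from the market is permitted, which is the effect the zero CF and zero borrow cap achieve. The earlier supply-cap-only change does not touch either gate, which is consistent with the write-up's note that it was insufficient.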

    Mitigation and Recommended Practices

    • Conduct comprehensive audits for business logic vulnerabilities: Ensure that all possible vulnerabilities are identified and addressed. Create thorough test cases to prevent the exploitation of flash loans or other potential attack vectors.
    • Prioritize internal state changes: When updating balances or invoking internal functions, always prioritize these actions before calling external code to minimize the risk of malicious actors taking advantage of the contract's state.
    • Regularly monitor for suspicious activity: Keep an eye out for any unusual deposits or transactions that could indicate fraudulent activity or arbitrage opportunities. Implement mechanisms to detect and prevent such activities from taking place.
    • Implement secure coding practices: Develop and follow secure coding guidelines and best practices to minimize vulnerabilities in your smart contracts. Encourage the use of secure coding principles among developers and ensure regular code reviews to detect potential security issues.
    • Engage in third-party security audits: Seek external security audits from reputable firms to identify and address any vulnerabilities that may have been missed during internal reviews.
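    As an added example of the "monitor for suspicious activity" recommendation (written for this page, not tooling from DeFiGeek Community or BlockApex), the script below replays constructed Compound-style Mint/Redeem events and flags transactions whose shape matches the flow described in the technical breakdown: a deposit far larger than the cash the market held before it, and repeated mint/redeem round trips inside a single transaction. The log format, transaction hashes, amounts, and thresholds are all constructed for illustration.

```python
# Added example, not DeFiGeek Community or BlockApex code: a small event
# monitor over a constructed log. Hashes and amounts are placeholders.
import re
from collections import defaultdict

# Constructed sample: one event per line with the market's cash after it.
# The market starts with 50,000 DAI of cash; tx 0xbbb1 moves 10M DAI in
# and out twice in one transaction, the other transactions are ordinary.
SAMPLE_EVENTS = """
tx=0xaaa1 block=100 event=Mint amount=1000 cash_after=51000
tx=0xaaa2 block=101 event=Redeem amount=500 cash_after=50500
tx=0xbbb1 block=102 event=Mint amount=10000000 cash_after=10050500
tx=0xbbb1 block=102 event=Redeem amount=10000000 cash_after=50500
tx=0xbbb1 block=102 event=Mint amount=10000000 cash_after=10050500
tx=0xbbb1 block=102 event=Redeem amount=10000010 cash_after=50490
tx=0xccc1 block=103 event=Mint amount=2000 cash_after=52490
""".strip().splitlines()

LINE = re.compile(r"tx=(\S+) block=(\d+) event=(\w+) amount=(\d+) cash_after=(\d+)")


def parse(lines):
    """Parse the constructed log format into dicts; reject anything malformed."""
    events = []
    for line in lines:
        m = LINE.fullmatch(line.strip())
        if not m:
            raise ValueError(f"unparseable line: {line!r}")
        tx, block, event, amount, cash = m.groups()
        events.append({"tx": tx, "block": int(block), "event": event,
                       "amount": int(amount), "cash_after": int(cash)})
    return events


def find_suspicious(events, size_ratio=10.0, min_roundtrips=2):
    """Return {tx: [reasons]} using two cheap heuristics:
    - large_deposit: a Mint larger than size_ratio times the cash held before it
    - mint_redeem_roundtrip: one tx with at least min_roundtrips Mint/Redeem pairs
    Both fire on flash-loan sized in-and-out flows and stay quiet for a normal
    depositor. Thresholds are constructed; tune them to the market's size."""
    reasons = defaultdict(list)
    per_tx = defaultdict(lambda: {"Mint": 0, "Redeem": 0})
    for e in events:
        if e["event"] == "Mint":
            cash_before = e["cash_after"] - e["amount"]
            if cash_before > 0 and e["amount"] > size_ratio * cash_before:
                reasons[e["tx"]].append("large_deposit")
        if e["event"] in per_tx[e["tx"]]:
            per_tx[e["tx"]][e["event"]] += 1
    for tx, counts in per_tx.items():
        if min(counts["Mint"], counts["Redeem"]) >= min_roundtrips:
            reasons[tx].append("mint_redeem_roundtrip")
    return {tx: sorted(set(r)) for tx, r in reasons.items()}


if __name__ == "__main__":
    for tx, why in find_suspicious(parse(SAMPLE_EVENTS)).items():
        print(tx, ", ".join(why))
```

    On the sample only `0xbbb1` is flagged, for both reasons. In production the same two checks would run against decoded Mint and Redeem events per transaction, and an alert would be raised before the transaction's effects are treated as settled by any off-chain accounting.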

    Conclusion

    The DeFiGeek Community hack serves as a reminder of the importance of robust security measures and best practices in the rapidly evolving DeFi landscape. As the sector continues to grow and attract more users, it is crucial to prioritize security and implement comprehensive audits, secure coding practices, and continuous monitoring for suspicious activities.

    Additionally, fostering a security-conscious culture among developers and community members will help ensure that all parties involved remain vigilant in safeguarding against potential vulnerabilities and exploits. One of the recommended approaches to mitigating such risks is to engage third-party security audits from reputable firms, such as blockapex.io, to ensure that all possible vulnerabilities are identified and addressed in a timely manner. By staying proactive and vigilant, the DeFi community can continue to innovate and thrive in a secure and reliable environment.
