- A white-hat hacker reported an exploitable vulnerability to an on-chain liquidity provider.
- The flaw was in vDODO holders’ referral staking power.
- Previously, hackers exploited a Web3 multi-chain wallet three days ago, stealing over $1.1 million.
A white-hat hacker recently alerted the DODO Team, an on-chain liquidity provider, about a vulnerability in its vDODO contract. The flaw was an exploitable weakness in vDODO holders’ referral staking power, requiring the participation of two attackers.
This move by the hacker represents an uncommon gesture within the web3 industry, where so many bad actors look to exploit any available vulnerability. The DODO team has consequently suspended the vDODO contract’s transfer function until a proper solution surfaces.
However, according to a press statement by the vDODO team, users’ prospective staking income may be harmed by the vulnerability, but not their vDODO assets. Additionally, the team noted that no user suffered any loss at press time. Yet, vDODO’s transfer feature will remain inactive to protect against assaults.
In other news, a hacker exploited a Web3 multi-chain wallet, BitKeep Swap, three days ago, carting away over $1.1 million worth of Binance Coin (BNB). The event further confirms a report by Chainalysis that October is the biggest month of hacking activities in 2022. The analytics firm said it had tracked over $718 million worth of crypto lost in DeFi protocols via 11 different hacks in October alone.
In sum, blockchain criminals have stolen up to $3 billion in investor cash through 141 different crypto vulnerabilities since January, a 31% rise from 2022, according to Chainalysis data. The Director of the National Cryptocurrency Enforcement Team (NCET) consequently expressed worries that there are grievous national security concerns beyond the millions of dollars lost to DeFi hacks and exploits.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.