Game of Thrones: DAO Maker hacked analysis

On August 12, 2021, according to SlowMist Zone news, the crypto incubator DAO Maker was suspected of having been hacked, with a large amount of USDC transferred out of one of its contracts. The SlowMist security team immediately began analysing the incident and shares its findings below.

Attack objects

In this attack, the attacker deployed an attack contract (0x1c) with published (verified) source and used it to drain funds from the DAO Maker victim contract (0x41) quickly and in batches.

Attacker address 1: 0xd8428836ed2a36bd67cd5b157b50813b30208f50

Attacker address 2: 0xef9427bf15783fb8e6885f9b5f5da1fba66ef931

Attack contract: 0x1c93290202424902a5e708b95f4ba23a3f2f3cee

DAO Maker victim contract: 0x41B856701BB8c24CEcE2Af10651BfAfEbb57cf49

DAO Maker victim contract deployer: 0x054e71D5f096a0761dba7dBe5cEC5E2Bf898971c

DAO Maker victim contract admin: 0x0eba461d9829c4e464a68d4857350476cfb6f559

Attack details

What sets this incident apart from most attacks is that the DAO Maker victim contract (0x41) has no published source on-chain, while the attack contract (0x1c) does.

[Screenshot: verified source of the attack contract and the on-chain call records]

From the verified attack contract source and the on-chain records above, we can see:

1. The attacker calls the h function of the attack contract (0x1c). h calls the f function in a loop; f calls the function with selector 0x4b4f892a on the victim contract (0x41) to read an ordinary user's USDC deposit balance held in that contract.

2. h then calls withdrawFromUser (selector 0x50b158e4) on the victim contract (0x41), passing the depositing user's address, the USDC token address and the amount to withdraw.

3. The victim contract (0x41) transfers that USDC out of its own balance to the attack contract (0x1c).

In short, the attack contract (0x1c) calls withdrawFromUser on the victim contract (0x41), and the victim contract hands the funds it holds straight to the caller. Since no source is published, we decompiled the victim contract (0x41) to examine withdrawFromUser:

[Screenshot: decompiled withdrawFromUser function of the victim contract]

The decompiled code shows that the function does have a permission check: only the address registered as the DAO contract may call it to move users' funds. The attack contract (0x1c) is clearly not DAO Maker's DAO contract, so the registered DAO contract address must have been replaced by the attacker.

On-chain analysis confirms this:

1. The victim contract deployer (0x05) deployed the victim contract (0x41) at 08:33:45 UTC on April 12, 2021 and granted the administrator role to 0x0eba461d9829c4e464a68d4857350476cfb6f559:

Tx Hash: 0xa1b4fceb671bb70ce154a69c2f4bd6928c11d98cbcfbbff6e5cdab9961bf0e6d

2. The deployer (0x05) then gave up its own management rights over the victim contract (0x41) by calling revokeRole:

Tx Hash: 0x773613398f08ddce2cc9dcb6501adf4f5f159b4de4e9e2774a559bb1c588c1b8

3. At 01:27:39 UTC on August 12, the administrator (0x0e) set the attack contract (0x1c) as the victim contract's DAO contract:

Tx Hash: 0x2fba930502d27f9c9a2f2b9337a0149534dda7527029645752b2a6507ca6b0d6

With that in place, the attacker could use the attack contract (0x1c) to withdraw users' funds from the victim contract (0x41). The stolen funds have since been swapped to ETH and moved to attacker address 2 (0xef).
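The selectors quoted in the attack details (0x4b4f892a and 0x50b158e4) and the role grant/revoke transactions in the on-chain analysis can both be checked offline with a small Keccak-256 helper. The following Python script is an added example, not code from SlowMist or DAO Maker: it recomputes 4-byte function selectors and 32-byte event topics from candidate signatures. Because the victim contract has no published source, the candidate signatures in it are guesses based on the call pattern described above, and the RoleGranted/RoleRevoked event names assume the contract uses an OpenZeppelin-style AccessControl; the script reports which guess matches which selector rather than asserting any of them.

```python
"""Recompute EVM function selectors and event topics with no network access.

Added example (not from the SlowMist write-up or DAO Maker's code). The victim
contract is unverified, so the candidate signatures below are assumptions.
"""
from typing import Dict, Iterable

# Keccak-f[1600] round constants (standard values).
ROUND_CONSTANTS = [
    0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
    0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
    0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
]
MASK64 = (1 << 64) - 1


def _rotl(v: int, n: int) -> int:
    n %= 64
    return ((v << n) | (v >> (64 - n))) & MASK64 if n else v


def _rho_offsets():
    """Rotation offsets r[x][y], generated from the rho step's (x, y) walk."""
    r = [[0] * 5 for _ in range(5)]
    x, y = 1, 0
    for t in range(24):
        r[x][y] = ((t + 1) * (t + 2) // 2) % 64
        x, y = y, (2 * x + 3 * y) % 5
    return r


RHO = _rho_offsets()


def _keccak_f(a):
    """One Keccak-f[1600] permutation over a 5x5 lane array a[x][y]."""
    for rc in ROUND_CONSTANTS:
        # theta: column parities
        c = [a[x][0] ^ a[x][1] ^ a[x][2] ^ a[x][3] ^ a[x][4] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rotl(c[(x + 1) % 5], 1) for x in range(5)]
        a = [[a[x][y] ^ d[x] for y in range(5)] for x in range(5)]
        # rho + pi: rotate each lane and move it to (y, 2x+3y)
        b = [[0] * 5 for _ in range(5)]
        for x in range(5):
            for y in range(5):
                b[y][(2 * x + 3 * y) % 5] = _rotl(a[x][y], RHO[x][y])
        # chi: non-linear row mixing
        a = [[b[x][y] ^ (~b[(x + 1) % 5][y] & b[(x + 2) % 5][y]) for y in range(5)]
             for x in range(5)]
        # iota: round constant
        a[0][0] ^= rc
    return a


def keccak256(data: bytes) -> bytes:
    """Original Keccak-256 as used by Ethereum (pad 0x01..0x80, not SHA3's 0x06)."""
    rate = 136
    buf = bytearray(data) + b"\x01"
    buf += b"\x00" * (-len(buf) % rate)
    buf[-1] |= 0x80
    a = [[0] * 5 for _ in range(5)]
    for off in range(0, len(buf), rate):
        for i in range(rate // 8):  # lane i sits at (x, y) = (i % 5, i // 5)
            a[i % 5][i // 5] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        a = _keccak_f(a)
    return b"".join(a[i % 5][i // 5].to_bytes(8, "little") for i in range(4))


def selector(signature: str) -> str:
    """4-byte function selector: first four bytes of keccak256(signature)."""
    return "0x" + keccak256(signature.encode()).hex()[:8]


def event_topic(signature: str) -> str:
    """topics[0] of an emitted event: the full keccak256 of its signature."""
    return "0x" + keccak256(signature.encode()).hex()


def match_selectors(targets: Iterable[str], candidates: Iterable[str]) -> Dict[str, str]:
    """Map each target selector to the first candidate signature hashing to it."""
    wanted = {t.lower() for t in targets}
    hits: Dict[str, str] = {}
    for sig in candidates:
        sel = selector(sig)
        if sel in wanted and sel not in hits:
            hits[sel] = sig
    return hits


# Selectors quoted in the analysis for the victim contract 0x41.
TARGET_SELECTORS = ["0x4b4f892a", "0x50b158e4"]

# Candidate signatures: assumptions inferred from the call pattern, not from source.
CANDIDATES = [
    "withdrawFromUser(address,address,uint256)",
    "userDeposits(address,address)",
    "deposits(address,address)",
    "balanceOf(address)",
]

# Assumes OpenZeppelin-style AccessControl; the write-up only says an
# administrator role was granted and revokeRole was called.
ROLE_EVENTS = ["RoleGranted(bytes32,address,address)", "RoleRevoked(bytes32,address,address)"]

if __name__ == "__main__":
    for sig in CANDIDATES:
        print(f"{selector(sig)}  {sig}")
    print("matches:", match_selectors(TARGET_SELECTORS, CANDIDATES))
    for ev in ROLE_EVENTS:
        print(f"{event_topic(ev)}  {ev}")
```

A selector match is not proof of the function's semantics (argument order changes the hash, and unrelated signatures can share the same four bytes), but it is the quickest way to confirm what calldata to an unverified contract is invoking before reading decompiler output. The two event topics are what you would put into an eth_getLogs filter on the victim contract address to list every administrator-role change, which is how the grant and revoke transactions above are located.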

Summary

This attack most likely stems from a leak of the private key of the victim contract's administrator. With that key, the attacker pointed the victim contract's registered DAO contract at the attack contract and then drained users' deposits through it. Because the deployer gave up its own management rights after appointing the administrator, the project may currently have no way to regain control of the contract.

 

Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/game-of-thrones-dao-maker-hacked-analysis/