On August 12, 2021, according to SlowMist Zone news, the encryption incubator DAO Maker was suspected of being hacked, resulting in the transfer of a large number of USDC contracts. The SlowMist security team immediately intervened in the analysis and shared the analysis results as follows.
In this attack, the attacker deployed and open sourced an attack contract (0x1c) to quickly steal funds from the DAO Maker victim contract (0x41) in batches.
Attacker address 1 :
Attacker address 2 :
Attack contract :
DAO Maker victimized contract :
DAO Maker victim contract deployer : 0x054e71D5f096a0761dba7dBe5cEC5E2Bf898971c
DAO Maker victimized contract admin : 0x0eba461d9829c4e464a68d4857350476cfb6f559
The difference between this attack and the usual attacks is that the DAO Maker victim contract (0x41) is not open source, while the attack contract (0x1c) is open source.
From the open source attack contract and on-chain records above, we can see:
1. The hacker calls the h function of the attack contract (0x1c). The h function calls the f function cyclically. The f function uses the 0x4b4f892a function of the DAO Maker victim contract to obtain the ordinary user’s USDC deposit amount in the victim contract (0x41).
2. Function h then calls the withdrawFromUser(0x50b158e4) function of the DAO Maker victim contract (0x41), passing in the user address of the user deposit, the USDC address and the amount of withdrawal required.
3. The DAO Maker victim contract (0x41) then transfers the USDC in the contract to the attack contract (0x1c).
Through the above behavior analysis, we can find that the attacking contract (0x1c) calls the withdrawFromUser function of the victim contract (0x41), and the victim contract (0x41) directly transfers the funds managed by the contract to the attacking contract (0x1c). We directly decompile the victim contract (0x41) to view the withdrawFromUser function for a simple analysis:
Through the decompiled code, we can find that this function has a permission check, and only DAO contracts can call this function to transfer the user’s funds. But the attack contract (0x1c) is obviously not a DAO contract, so its DAO contract must have been replaced by the attacker.
Through on-chain analysis, we can clearly see:
1. The victim contract deployer (0x05) deployed the victim contract (0x41) at 08:33:45 UTC on April 12th and set the address 0x0eba461d9829c4e464a68d4857350476cfb6f559 as the administrator role:
2. Then the victim contract deployer (0x05) gave up the victim contract (0x41) management authority by calling the revokeRole function:
3. The administrator sets the DAO contract as an attack contract (0x1c) at 01:27:39 UTC on August 12th:
Therefore, the attacker can use this attack contract (0x1c) to steal the user’s funds in the victim contract (0x41). The stolen funds are currently converted into ETH and transferred to the attacker’s address 2 (0xef).
This attack may originate from the leakage of the administrator’s private key of the DAO Maker victim contract. The attacker steals the private key and replaces the DAO contract of the victim contract with the attack contract. The attacker transfers the user funds in the contract through the replaced contract. And because the contract deployer gave up the contract management authority after setting up the contract administrator, the project party may not be able to effectively retrieve the contract control right at present.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/game-of-thrones-dao-maker-hacked-analysis/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.