I. Event Overview
On May 12 at 9:44 a.m. Eastern Standard Time, the Chengdu Chain Security Blockchain Security Situational Awareness Platform (Beosin-Eagle Eye) detected an attack on xToken, a DeFi staking and liquidity strategy platform; the xBNTa Bancor pool and the xSNXa Balancer pool were drained immediately. By current estimates, the xToken hack caused approximately $25 million in losses.
Although the xToken team promptly released a statement after the incident and responded openly about the cause of the hack and the subsequent remedial measures, the Chengdu Chain Security team considers the xToken hack highly typical: it combines flash loan attacks, price manipulation and other common attacker patterns. The team therefore stepped in immediately to analyze the attack process. We hope this serves as a warning to DeFi project owners.
II. Incident Analysis
In this incident, the attacker combined two typical attack techniques within a single transaction.
First, the attacker used a flash loan to manipulate the price of SNX on a DEX, which in turn distorted the amount of xSNX minted, with the aim of arbitrage.
Second, the attacker exploited a faulty permission configuration in the xBNT contract to pass in an unintended path address, completing the profit with worthless "air" tokens.
Next, let's reconstruct how the attacker combined a flash loan attack with the misconfigured permission to carry out the whole attack.
- Preparation
1. The attacker first took out a large flash loan.
2. Using Aave's lending function and Sushiswap's DEX, among others, the attacker obtained a large amount of SNX tokens.
3. The attacker then sold the large amount of SNX on Uniswap, distorting the price of SNX there.
- The attack begins
4. Using a small amount of ETH, the attacker obtained a large amount of xSNX.
This step exploits the fact that the xSNX contract accepts both ETH and SNX in exchange for xSNX. When a user sends ETH, the contract first converts it into SNX of equal value via Uniswap and then exchanges the SNX for xSNX. Because of the attacker's operations 1~3 in "Preparation", the ETH-to-SNX price on Uniswap was manipulated at this point, so a small amount of ETH bought a large amount of SNX, and therefore a large amount of xSNX.
- The end of the attack
5. The attacker sold the xSNX on Bancor for a profit: the price on Bancor had not been affected and was still normal at that time. At this point the attacker had completed the arbitrage and subsequently repaid the flash loan.
- The second attack begins
6. The attacker then used the profit to mint a large amount of xBNT.
This time the attacker used the xBNT contract's function for minting xBNT with ETH. The contract converts the ETH into BNT on Bancor and then mints xBNT, but notably this minting function lets the caller specify the exchange path, i.e. xBNT can be minted without ever converting to BNT, which allowed the attacker to specify an arbitrary token address as the exchange token.
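The price manipulation behind steps 3 and 4 above, as an added example that is not code from the xToken post or its contracts: a constant-product model of a Uniswap-style ETH/SNX pool shows how dumping flash-loaned SNX inflates the SNX-per-ETH rate that an ETH-to-xSNX mint then trusts, and a reference-price deviation check (an assumed mitigation, not xToken's own fix) shows how such a mint can refuse to proceed. All reserves and amounts are constructed numbers, not the real pool state.

```python
# Added example, not code from the xToken post or its contracts: a constant-product
# (x*y=k) model of a Uniswap-style ETH/SNX pool. Dumping flash-loaned SNX (step 3)
# inflates the SNX-per-ETH rate that the ETH->xSNX mint trusts (step 4). Constructed numbers.
FEE = 0.003  # 0.3% swap fee, assumed for this model

class Pool:
    """Constant-product pool holding ETH and SNX reserves."""
    def __init__(self, eth, snx):
        self.eth, self.snx = float(eth), float(snx)
    def spot_snx_per_eth(self):
        return self.snx / self.eth
    def swap_snx_for_eth(self, snx_in):
        eff = snx_in * (1 - FEE)
        eth_out = self.eth * eff / (self.snx + eff)
        self.snx += snx_in
        self.eth -= eth_out
        return eth_out
    def swap_eth_for_snx(self, eth_in):
        eff = eth_in * (1 - FEE)
        snx_out = self.snx * eff / (self.eth + eff)
        self.eth += eth_in
        self.snx -= snx_out
        return snx_out

def mint_xsnx_unchecked(pool, eth_in):
    """Mint path as the post describes it: ETH is swapped for SNX at the pool's quote."""
    return pool.swap_eth_for_snx(eth_in)

def mint_xsnx_checked(pool, eth_in, reference_rate, max_deviation=0.05):
    """Hardened variant (assumed, not xToken's fix): refuse when spot strays from a TWAP/oracle reference."""
    spot = pool.spot_snx_per_eth()
    if abs(spot - reference_rate) / reference_rate > max_deviation:
        raise ValueError("pool price deviates from reference; refusing to mint")
    return pool.swap_eth_for_snx(eth_in)

def simulate(eth_res=1000.0, snx_res=200_000.0, dumped_snx=2_000_000.0, mint_eth=10.0):
    """Compare an honest ETH->SNX mint with one made right after a large SNX dump."""
    reference = snx_res / eth_res  # fair SNX-per-ETH rate before manipulation
    snx_fair = mint_xsnx_unchecked(Pool(eth_res, snx_res), mint_eth)
    rigged = Pool(eth_res, snx_res)
    rigged.swap_snx_for_eth(dumped_snx)  # step 3: dump the flash-loaned SNX
    spot_after_dump = rigged.spot_snx_per_eth()
    try:  # the hardened mint sees the skewed spot rate and refuses
        mint_xsnx_checked(rigged, mint_eth, reference)
        rejected = False
    except ValueError:
        rejected = True
    snx_inflated = mint_xsnx_unchecked(rigged, mint_eth)  # step 4: tiny ETH, huge SNX
    return {"reference_rate": reference, "spot_after_dump": spot_after_dump,
            "snx_fair": snx_fair, "snx_inflated": snx_inflated, "checked_rejected": rejected}
```

With the constructed reserves, the same 10 ETH buys roughly a hundred times more SNX after the dump than before it, which is the multiplier the attacker then converts into xSNX and sells on the unaffected Bancor pool.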
III. Review of the incident
In its official response, the xToken team expressed deep regret for the loss of assets caused by the hack and mentioned that a security feature will be introduced in upcoming products to prevent such attacks. Unfortunately, this security feature had not yet been rolled out across the entire product line, resulting in the loss of $25 million in funds.
In light of the xToken hack, the Chengdu Chain Security team would like to remind project owners that as major DeFi projects continue to evolve, the DeFi ecosystem becomes ever more composable, with new projects frequently interacting with earlier DeFi projects in various ways, as with the Aave lending and DEX interactions described above. When developing a new DeFi project, you therefore need to pay attention not only to the safety and stability of your own logic, but also to how your logic combines with the underlying DeFi projects you build on.
At the same time, we suggest that DeFi project owners actively build relationships with third-party security companies, protect their projects through security cooperation and established security protection mechanisms, and remain security-aware at all times.
Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/lightning-lending-attack-misconfigured-privileges-25-million-down-the-drain/