Temple DAO hacked for over $2.3M

DeFi protocol Temple DAO lost more than $2.3 million on Oct. 11. The hack was first spotted by his Twitter user Spreekaway and confirmed by blockchain analytics firm Peckshield.

According to Peckshield, Hackers funded attacks from SimpleSwap, transferring 1,831 ethereum to the new address 0x2B63d.

TempleDAO retweeted a Twitter thread about an exploit from DeFi protocol Stax Finance. According to the thread, 321,154 xLP tokens were stolen from the xLP staking contract and converted into 1,418,303 $TEMPLE tokens and 1,262,438 $FRAX. TEMPLE tokens were later also sold to FRAX.

It turns out that hackers abused the “missing onlyMigrator check” feature of the StaxLPStaking contract.

Meanwhile, TempleDAO has removed the dApp to avoid misuse. The team urged the hackers to return the funds and offered a legal bounty for their exploits.

Another blockchain security firm, CertiK, said, โ€œThe cause of this attack is that the migrateStake function does not check whether the input oldStaking is expected. You can add your balance.”

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button