link.png

ID:

onering-finance-24

Date:

Status:

Incident Count:

March 21, 2022

Verified

1

info.png
target.png
REKT

Contributor:

chain.png

zerofriction.io

KYC By:

KYC:

No

info.png

Audit By:

Audits:

None

Loss Amount:

1,454,672

info.png

Recovered:

-

Rewards:

Currency:

USD, ETH

info.png

Key Indicators

Platform:

Type:

Category:

Method:

Data Sources:

Fantom

Protocol

Yield

Flash Loans

Extended Method:

Manipulation of LP price

info.png

Days in Operation:

378

(1.04 Years)

chain.png
chain.png
chain.png
chain.png
datasource.png

OneRing Finance reported that the protocol was hacked and the exploiter was able to steal 1,454,672.244369 USDC ($1,454,672.24) via flashloan attack.

The hack was made possible due to a flashloan-assisted price manipulation of the LP tokens, this led to a larger number of OShare tokens being moved from the protocol.

https://medium.com/oneringfinance/onering-finance-exploit-post-mortem-after-oshare-hack-602a529db99b

It is a bit strange the contract is being audited by Certik when this flash loan attack took place and the attacker contract and their footprints are completely obfuscated.

The contract has been configured to self-destruct at a specific block, making it almost impossible to track what specific functions from our contracts were called in order to steal the funds. This only tells us that the hacker is a professional, and since we were the only protocol being exploited, this attack was planned.

info.png

DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. 

Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.