Binance Smart Chain
Lack of access control of ownership transfer
Days in Operation:
According to analysis performed by QuilAudits, Ragnarok Online Invasion($ROI) was attacked. The cause of the attack was a typical access control vulnerability of ownership transfer function. Around 158 BNB (44,222.5 BUSD) was stolen by the hackers in this attack.
Ragnarok Online Invasion ($ROI) is a cryptocurrency, deployed on Binance Smart Chain(BSC BEP-20). It is a token created to characterize the GameFi or NFT video game called “Ragnarok Online”.
The cause of this attack was a simple access control issue, which allowed anyone to transfer ownership of the contract. The transferOwnership function has no access controls like OnlyOwner modifier or onlyAdmin to prevent malicious users from calling the function.
DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.
Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.