DAO Maker, a crypto fundraising platform commonly mistaken for MakerDAO, suffered a hack that resulted in the loss of more than $7.00 million (£5.07 million). A report unveiled this news on August 12, citing a disclosure from PeckShield, a Chinese blockchain security company. Reportedly, the attacker leveraged a vulnerability on the network and made away with 7,376,245 USDC.
According to the report, the hacker transferred the funds to an Ethereum address then exchanged the USDC for 2,261 ETH through UniSwap, a decentralized finance protocol that facilitates crypto exchange. Allegedly, the attacker breached the network’s security systems by taking advantage of a bug.
Following the attack, DAO Maker published a blog post, saying the exploited bug was in the SHO contract, which is susceptible to potential risk because it is used in every SHO. Reportedly, the attacker tested this vulnerability by transferring 10,000 USDC from a wallet with admin privileges. After this transaction went through, the malicious actor proceeded to make 15 more transactions unnoticed. As a result, 5,251 users were affected, and DAO Maker estimates an average loss of approximately $1,250.00 (£904.96) per user.
Light at the end of the tunnel
Seeing as each cloud has a silver lining, DAO Maker said users with up to $900.00 (£651.57) did not suffer any losses. Assuring users that it is doing everything possible to recover the stolen funds, DAO Maker said that it had secured the services of Cipher Blade, a blockchain forensics company. Reportedly, these efforts have already seen Cipher Blade discover a Binance account involved in the hack.
The blockchain forensics company is working closely with Etherscan to pinpoint the attacker’s location. Additionally, Cipher Blade has shared the hacker’s wallet information on every crypto exchange. To prevent similar
