On March 14, 2024, the SlowMist MistEye security monitoring system raised an early warning that MOBOX, a decentralized lending protocol on the Optimism chain, had been attacked, with losses of approximately $750,000. The SlowMist security team analyzed the incident and shares its findings below:
(https://twitter.com/SlowMist_Team/status/1768167772230713410)
Attacker addresses:
0x4e2c6096985e0b2825d06c16f1c8cdc559c1d6f8
0x96f004c81d2c7b907f92c45922d38ab870a53945
Attacked contract address:
0xae7b6514af26bcb2332fea53b8dd57bc13a7838e
Attack transaction:
0x4ec3061724ca9f0b8d400866dd83b92647ad8c943a1c0ae9ae6c9bd1ef789417

## Attack Core

There are two core points to this attack. First, the attacker exploits a flaw in the contract's borrow() function: every call distributes a reward to a referrer address, and because that reward is calculated from the number of tokens passed in, the attacker can transfer the referrer's reward back to the attack contract and use it to enlarge the next borrow. Second, every call to borrow() burns part of the MO tokens in the pool, which continuously pushes up the price of MO. By borrowing repeatedly and compounding the rewards, the attacker ends up with a profit.

## Transaction Analysis

The attack transaction is essentially a loop: the attacker calls the vulnerable borrow() function, immediately calls redeem() to close the position, and then transfers the tokens allocated to the referrer back to the attack contract.

Following the borrow() function, we can see that each call burns part of the MO tokens in the pool. The amount of USDT lent out, however, is calculated from the price of MO in the pool, and that price keeps rising as MO is burned. Eventually the attacker can borrow a large amount of USDT against a small amount of MO.

In addition, each borrow pays a dividend reward to a referrer address, and this reward is calculated from the number of MO tokens passed in. Since the referrer address (0x96f004c81d2c7b907f92c45922d38ab870a53945) is also controlled by the attacker, after each borrow the attacker transfers this reward back and uses it to increase both the next borrow amount and the next dividend.

After repeating this cycle, the attacker had driven the price of MO up to the point where a very small number of MO tokens could borrow a large amount of USDT from the contract, and then swapped all of the USDT out of the now unbalanced pool for profit.

## Summary

The core of this attack is that the attacker abuses the mechanism by which borrow() burns part of the tokens in the pool: borrowing repeatedly raises the price of the pool's token and earns referrer rewards, and transferring those rewards back and borrowing again compounds the rewards while further manipulating the price. The SlowMist security team recommends that project teams add lock-up time limits to functions of this kind and take multiple factors into account when designing the price model of a lending product, so that similar incidents can be avoided.
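The following Python model is an added illustration, not code from SlowMist or the MOBOX contract. It reproduces the two mechanisms described in the analysis: a MO price derived from the pool's own reserves that rises each time borrow() burns pool MO, and a referral reward that an attacker-controlled referrer feeds straight back into the next borrow. The reserve sizes, burn share, referral rate, LTV, lock-up period and external price reference are all assumed numbers; the two addresses are the ones listed in the report. A HardenedPool applies the two recommendations from the summary, a lock-up on redeem() and reward claims and a price that takes the more conservative of two independent quotes, so the same-transaction loop is rejected.

```python
"""Toy model of the looped borrow()/redeem() pattern described above. Added
illustration, not the MOBOX contract: reserve sizes, burn share, referral
rate, LTV, the reserve-ratio price and the hardening parameters are assumed."""
from dataclasses import dataclass, field

ATTACKER = "0x4e2c6096985e0b2825d06c16f1c8cdc559c1d6f8"  # attacker address from the report
REFERRER = "0x96f004c81d2c7b907f92c45922d38ab870a53945"  # attacker-controlled referrer


class LockupError(Exception):
    """Raised by HardenedPool when a loan or reward is still locked."""


@dataclass
class VulnerablePool:
    mo_reserve: float            # MO held by the pool
    usdt_reserve: float          # USDT available to lend
    burn_rate: float = 0.01      # share of pool MO burned per borrow (assumed)
    referral_rate: float = 0.10  # referral reward per MO supplied (assumed)
    ltv: float = 0.5             # loan-to-value on MO collateral (assumed)
    now: int = 0                 # block-timestamp stand-in
    loans: dict = field(default_factory=dict)    # borrower -> (mo_in, usdt_out, opened_at)
    rewards: dict = field(default_factory=dict)  # referrer -> (mo_owed, updated_at)

    def price(self) -> float:
        # Flaw 1: MO is priced from the pool's own reserves, so every burn
        # that shrinks mo_reserve raises the quote used for the next loan.
        return self.usdt_reserve / self.mo_reserve

    def borrow(self, borrower: str, mo_in: float, referrer: str) -> float:
        self.mo_reserve *= 1.0 - self.burn_rate  # burn part of the pool's MO first
        usdt_out = mo_in * self.price() * self.ltv
        self.mo_reserve += mo_in
        self.usdt_reserve -= usdt_out
        self.loans[borrower] = (mo_in, usdt_out, self.now)
        # Flaw 2: the reward scales with mo_in and nothing stops a referrer the
        # borrower controls from feeding it back (rewards assumed to come from
        # a separate incentive budget, not from the reserves).
        owed = self.rewards.get(referrer, (0.0, 0))[0]
        self.rewards[referrer] = (owed + mo_in * self.referral_rate, self.now)
        return usdt_out

    def redeem(self, borrower: str) -> float:
        mo_in, usdt_out, _ = self.loans.pop(borrower)
        self.usdt_reserve += usdt_out
        self.mo_reserve -= mo_in
        return mo_in

    def claim_rewards(self, referrer: str) -> float:
        return self.rewards.pop(referrer, (0.0, 0))[0]


@dataclass
class HardenedPool(VulnerablePool):
    oracle_price: float = 1.0  # external MO/USDT reference (assumed feed)
    lockup: int = 3600         # seconds before a loan or reward may be touched (assumed)

    def price(self) -> float:
        # Lend against the more conservative of two independent quotes, so
        # burning pool MO can no longer inflate collateral value on its own.
        return min(self.oracle_price, super().price())

    def _check_lockup(self, opened_at: int) -> None:
        if self.now - opened_at < self.lockup:
            raise LockupError(f"locked for {self.lockup - (self.now - opened_at)}s more")

    def redeem(self, borrower: str) -> float:
        self._check_lockup(self.loans[borrower][2])
        return super().redeem(borrower)

    def claim_rewards(self, referrer: str) -> float:
        if referrer in self.rewards:
            self._check_lockup(self.rewards[referrer][1])
        return super().claim_rewards(referrer)


def run_attack(pool: VulnerablePool, rounds: int, mo_start: float) -> tuple[float, float]:
    """borrow -> redeem -> recycle the referral reward, `rounds` times at one timestamp
    (one transaction), then one large borrow.  Returns (MO held, USDT obtained)."""
    mo = mo_start
    for _ in range(rounds):
        pool.borrow(ATTACKER, mo, REFERRER)
        pool.redeem(ATTACKER)
        mo += pool.claim_rewards(REFERRER)  # referrer is the attacker: reward recycled
    return mo, pool.borrow(ATTACKER, mo, REFERRER)


def attack_blocked(pool: VulnerablePool, rounds: int, mo_start: float) -> bool:
    """True if the same-transaction loop is stopped by a lock-up."""
    try:
        run_attack(pool, rounds, mo_start)
    except LockupError:
        return True
    return False


if __name__ == "__main__":
    mo, usdt = run_attack(VulnerablePool(100_000.0, 100_000.0), rounds=40, mo_start=1_000.0)
    print(f"looped 40x: {mo:,.0f} MO -> {usdt:,.0f} USDT; hardened blocks loop:",
          attack_blocked(HardenedPool(100_000.0, 100_000.0), 40, 1_000.0))
```

With the assumed parameters an honest borrow of 1,000 MO on the fresh pool yields about 505 USDT, while forty borrow/redeem rounds leave the attacker holding roughly 45,000 MO and a quote about 1.5x higher, so the final borrow returns about 34,000 USDT, well over sixty times the honest loan. The lock-up alone only defeats the single-transaction loop: in this model a patient attacker who waits out every lock-up still compounds the referral reward, which is why the price must also be bounded by a factor the pool's own burn cannot move.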
Source: Review: MOBOX Hacked Analysis, republished on the PHP Chinese website.