Fairyproof’s Analysis of the Attack on FaceDAO
FaceDAO, an application deployed on Ethereum was attacked at 12:22:47 PM on Apr 16, 2022, UTC.
FaceDAO, an application deployed on Ethereum was attacked at 12:22:47 PM on Apr 16, 2022, UTC.
The attacker’s address was 0xAAAA3467Ca1F70494Ca8B821Eef3E34DE2c139E5
The attacked contract was deployed at 0xd432e8611377E307D3e5710132515be1E6AA6156
The hash values of the two attack transactions were:
0xad8123a858804254184ffda793b7416d2bf8958ade3e990a0361f45d6cfee68e and
0xb313ab9e845e461c7a795336d54b60cd4ede72f7a084bb26c26a4c4275f79ee0.
In this incident, 121 ETHs valued at around $360,000 were exploited.
Here is how the attack was carried out:
Before the attacker launched the attack, it tricked the FaceDAO deployer into doing three approval transactions to allow the attacker to transfer the FaceDAO tokens from the FaceDAO deployer.
Then the attacker exploited 60 billion and 5940.1 billion FaceDAO tokens in two transactions respectively. It exchanged the exploited FaceDAO tokens into 121 ETHs via Uniswap and cashed out the ETHs via Tornado.Cash.
It was claimed that it was the private key being leaked that led to this attack. However, based on our analysis this was a typical phishing attack because of two reasons.
The first reason is that if it were a private key being leaked the attack would just directly transfer the tokens rather than tricking the deployer into approving token transfers.
The second reason is that after the attack happened the attacker launched another attack on another application and exploited some STRONG tokens.
Join Coinmonks Telegram Channel and Youtube Channel learn about crypto trading and investing