ETH DeFi project ForceDAO, got hacked a few moments after the launch, by five hackers this morning and revived concerns around the experimental sector with huge amounts of money flowing into old projects so let’s read some more in our latest Ethereum news today.
The ETH DeFi project ForceDAO is a decentralized autonomous organization for so-called “quant finance.” The goal of the project is to leverage high returns and to produce superior returns by providing strategies and rewarding the strategists with powerful incentives. Over the past week, the protocol’s developers said they will airdrop some tokens to users of other DeFi protocols to ensure a fair launch and to attract more crypto users to form a new community of their own. A total of 25 million FORCE tokens were to be distributed in the next month for those staking Badger, Curve,MakerDAO, Aave, Sushi, Vesper, and Yearn.Finance.
Our team is aware of the xFORCE contract exploit and has identified the nature of the issue.
There are no further funds available on the xFORCE contract to be exploited.
All other vaults are safe.
We will provide a post-mortem and next steps over the coming hours.
— Force (@force_dao) April 4, 2021
But this morning, during the airdrop, things went south. The ForceDAO project got hacked by five hackers, moments after the airdrop, causing the FORCE prices to drop more than 90% in a sudden fall. Mudit Gupta who is a blockchain lead at Polymath Network explained what happened as according to him, the hackers exploited a Solidity issue that allowed users to obtain Force tokens via illicit processes.
Interesting situation going on with ForceDAO. Liquidity has been withdrawn, price is down 90%+ and there are indications that it could have been a white hat “hack” pic.twitter.com/Y5aUcvvuG0
— Larry Cermak (@lawmaster) April 4, 2021
Hackers were able to manipulate the way that xFORCE tokens are handled and he noted:
“In the FORCE token, the transfer functions return false rather than reverting when the sender doesn’t have enough balance. The xFORCE contract assumes FORCE will revert and does not handle the returned value. This means anyone can call the `deposit` function of the xFORCE contract even if they do not have any FORCE tokens. The xFORCE contract will mint them fresh xFORCE tokens even though it will fail to lock their nonexistent FORCE tokens.”
xFORCE contract from @force_dao hacked and drained by a whitehacker. In the FORCE token, the transfer functions return false rather than reverting when the sender doesn’t have enough balance. The xFORCE contract assumes FORCE will revert and does not handle the returned value. pic.twitter.com/lPo9vJ48bs
— Mudit Gupta (@Mudit__Gupta) April 4, 2021
Gupta stated that over five hackers hacked the project after reviewing the various addresses that the hackers conducted their attack from. One of them was a “whitehat” hacker who returned the funds back to the network but the others sold their proceeds. More than $350,000 ETH was dumped by hackers but the team hasn’t issued any other statements as of press time.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]