$1.8 Million Lost in Old Smart Contract Exploit: Dolomite Falls Victim to Hack
Dolomite, a popular crypto exchange, has suffered a devastating breach resulting in a loss of $1.8 million, including 541 ETH. This unexpected breach has sent shockwaves throughout the community, shedding light on the vulnerability of even the most secure systems.
A blockchain security firm called Peckshield Alerts uncovered the breach and revealed that a previously secure contract at Dolomite was manipulated, leading to an unauthorized transfer of approximately $1.8 million USDC. The attacker quickly exchanged the stolen funds for 541.5 ETH and 94,000 DAI tokens, leaving Dolomite and its users in a state of shock.
The breach was made possible due to a flaw in the “callFunction” feature, which allowed calls to any code. The absence of a crucial “reentrancy guard” in the “call” function enabled the attacker to drain funds from unsuspecting users, exploiting a vulnerability that was highlighted in a CertiK report.
In response to the breach, Dolomite’s development team acted swiftly by notifying affected users to revoke access linked to the Ethereum Dolomite address. They also disabled the compromised contract on Arbitrum, effectively mitigating further risks and minimizing the extent of the damage.
However, users are advised to take additional security measures by revoking any associated access. This precautionary step will help safeguard against potential threats and ensure the protection of their assets.
The breach occurred during Dolomite’s transition from Ethereum to Arbitrum in 2022, a move aimed at leveraging the advanced capabilities of smart contracts. This transition has allowed Dolomite to effectively manage the Ethereum version, despite the immutable nature of smart contracts.
In light of this breach, users are urged to be proactive in safeguarding their assets. This includes revoking approvals from compromised contracts and remaining vigilant in their crypto activities to prevent similar incidents in the future.
The breach at Dolomite serves as a stark reminder of the ongoing threats faced by crypto exchanges and their users. However, it also emphasizes the importance of swift action and proactive security measures in mitigating risks and protecting against potential breaches.
As the crypto landscape continues to evolve, it is crucial that we adapt our approach to security and safety to stay ahead of potential threats.