A hacker steals $300,000 from the Olympus DAO using the Bond Protocol

Using a security flaw, a hacker stole $300,000 from the DeFi protocol Olympus DAO today.

Following negotiations, the hacker has returned all of the stolen tokens, an Olympus DAO spokeswoman informed The Block.

At 1:12 a.m. EST today, a hacker stole 30,437 OHM tokens (about $300,000) from one of the smart contracts on Bond Protocol that Olympus DAO ran. According to security company PeckShield, the problem occurred because the particular contract failed to adequately authenticate the hacker’s illicit cash transfer request.

The affected “BondFixedExpiryTeller” contract was used to open bonds denominated in Olympus DAO’s OHM tokens. The contract lacked a validation input in the “redeem()” method, which enabled an attacker to redeem money by manipulating input values, according to PeckShield.

The Olympus team recognized the hack in the official Discord and said, “This morning, an exploit allowed the attacker to withdraw about $300,000 from the OHM bond contract at Bond Protocol.”

The DAO produces OHM tokens at a discount in exchange for investors’ cryptocurrency, a mechanism aimed to build its treasury over time.

Also Read: Blockchain Association Predicts Economic Recovery Will Boost Bitcoin Investment And Price