Analysis of Flurry Finance theft event: the project does not stand "under the dangerous wall"

CertiK
Guest columnist
2022-02-23 11:17
This article is about 2039 words long; reading it takes about 3 minutes.
On February 22, Beijing time, the CertiK security expert team detected that the Vault contract of Flurry Finance was attacked.

Below, the CertiK security team gives a detailed interpretation and analysis of the incident, covering the contract addresses involved and the attack operations.

Attack steps

① The attacker deployed a malicious token contract (which also served as the attack contract) and created a PancakeSwap trading pair between that token and BUSD.

Attacker: https://bscscan.com/address/0x0f3c0c6277ba049b6c3f4f3e71d677b923298b35

Malicious token contract: https://bscscan.com/address/0xb7a740d67c78bbb81741ea588db99fbb1c22dfb7

PancakeSwap trading pair: https://bscscan.com/address/0xca9596e8936aa8e902ad7ac4bb1d76fbc95e88bb

② The attacker took a flash loan from Rabbit's Bank contract and triggered the execute method of StrategyLiquidate.

The execute method decodes its input data into an LP token address, from which it further obtains the malicious token contract address.

The attacker then used the attack code in the malicious token contract to launch the preliminary attack: https://bscscan.com/address/0xbeeb9d4ca070d34c014230bafdfb2ad44a110142

StrategyLiquidate contract: https://bscscan.com/address/0x5085c49828b0b8e69bae99d96a8e0fcf0a033369

③ The malicious token contract calls the performUpkeep method of the FlurryRebaseUpkeep contract, which recalculates the relevant amounts of the Vault contract and updates the multiplier of the associated Rho token.

This multiplier is used to calculate Rho token balances, and the update is based on the balance held in the profit strategy contract associated with the Vault contract.

The update is triggered while the flash loan is still in progress: the loan has not yet been repaid, so the current balance of the Bank contract is far below its normal value. Because the Bank contract is part of one of the strategies, that strategy's balance is also below normal, which in turn makes the computed multiplier smaller than it should be.

FlurryRebaseUpkeep contract: https://bscscan.com/address/0x10f2c0d32803c03fc5d792ad3c19e17cd72ad68b

One of the Vault contracts: https://bscscan.com/address/0xec7fa7a14887c9cac12f9a16256c50c15dada5c4

④ The attacker repaid the flash loan, completing the initial attack and preparing the ground for the follow-up attacks that extracted profit.

⑤ In the following transaction, the attacker deposits tokens at the low multiplier obtained in the previous transaction, updates the multiplier to its higher (normal) value, and withdraws tokens at the high multiplier. For example, in one of the initial attack transactions the multiplier was updated to 4.1598e35.

In the follow-up attack transaction, the multiplier was updated to 4.2530e35.

Attack examples: https://bscscan.com/tx/0x923ea05dbe63217e5d680b90a4e72d5552ade9e4c3889694888a2c0c1174d830

https://bscscan.com/tx/0x646890dd8569f6a5728e637e0a5704b9ce8b5251e0c486df3c8d52005bec52df

⑥ Because the multiplier is one of the factors that determine Rho token balances:

The attacker's Rho token balance was increased in the transaction, so he was able to withdraw more tokens from the Vault.
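To make the accounting behind steps ③ and ⑤ concrete, the following is a constructed Python model of a rebasing vault whose share multiplier is derived from the liquid balance of an external lending pool. It is an added example, not code from Flurry Finance, Rabbit or CertiK: the Bank, RhoVault, the performUpkeep-style rebase() and the "hardened" accounting mode are all hypothetical simplifications. The vulnerable mode reproduces the sequence of a rebase during a flash loan, a deposit at the depressed multiplier and a withdrawal after the multiplier recovers; the hardened mode shows one defensive fix, valuing the strategy by its principal (liquid funds plus funds currently on loan) instead of by the momentary liquid balance.

```python
"""Toy model of a rebasing vault whose multiplier depends on an external
lending pool's liquid balance (constructed example, not project code)."""
from dataclasses import dataclass, field

SCALE = 10**18  # fixed-point scale for the multiplier


@dataclass
class Bank:
    """Hypothetical external lending pool the vault's strategy deposits into."""
    liquid: int          # tokens actually held by the contract right now
    on_loan: int = 0     # tokens temporarily lent out via a flash loan

    def flash_borrow(self, amount: int) -> None:
        assert amount <= self.liquid
        self.liquid -= amount
        self.on_loan += amount

    def flash_repay(self, amount: int) -> None:
        assert amount <= self.on_loan
        self.on_loan -= amount
        self.liquid += amount


@dataclass
class RhoVault:
    """Hypothetical rebasing vault: balance = units * multiplier / SCALE."""
    bank: Bank
    hardened: bool                 # True: value the strategy by principal incl. funds on loan
    multiplier: int = SCALE
    units: dict = field(default_factory=dict)   # holder -> internal units
    total_units: int = 0

    def strategy_value(self) -> int:
        # Vulnerable accounting reads only the bank's liquid balance, which a
        # flash loan drives down for the duration of the borrowing transaction.
        if self.hardened:
            return self.bank.liquid + self.bank.on_loan
        return self.bank.liquid

    def rebase(self) -> None:
        """performUpkeep analogue: recompute the multiplier from strategy value."""
        if self.total_units:
            self.multiplier = self.strategy_value() * SCALE // self.total_units

    def balance_of(self, holder: str) -> int:
        return self.units.get(holder, 0) * self.multiplier // SCALE

    def deposit(self, holder: str, amount: int) -> None:
        new_units = amount * SCALE // self.multiplier
        self.units[holder] = self.units.get(holder, 0) + new_units
        self.total_units += new_units
        self.bank.liquid += amount

    def withdraw_all(self, holder: str) -> int:
        amount = self.balance_of(holder)
        self.total_units -= self.units.pop(holder)
        self.bank.liquid -= amount
        return amount


def simulate(hardened: bool) -> dict:
    """Run the low-multiplier deposit / high-multiplier withdrawal sequence."""
    bank = Bank(liquid=0)
    vault = RhoVault(bank, hardened)
    vault.deposit("honest", 1000)   # steady state: 1000 units, multiplier 1.0
    vault.rebase()

    # Transaction 1: inside a flash loan of 500, force a rebase, deposit, repay.
    bank.flash_borrow(500)
    vault.rebase()
    low_multiplier = vault.multiplier
    vault.deposit("attacker", 500)
    bank.flash_repay(500)

    # Transaction 2: rebase at normal liquidity, withdraw at the higher multiplier.
    vault.rebase()
    received = vault.withdraw_all("attacker")
    return {
        "low_multiplier": low_multiplier,
        "high_multiplier": vault.multiplier,
        "attacker_profit": received - 500,
        "honest_balance": vault.balance_of("honest"),
    }


if __name__ == "__main__":
    print("vulnerable:", simulate(hardened=False))
    print("hardened:  ", simulate(hardened=True))
```

With the constructed numbers, the vulnerable mode rebases to a multiplier of 0.5 while the loan is outstanding, recovers to 0.75 afterwards, and hands the attacker a profit of 250 that comes straight out of the honest depositor's balance; the hardened mode keeps the multiplier at 1.0 throughout and the attacker receives exactly what was deposited. The general lesson for vault designers is that any value read from a third-party contract in the middle of a transaction has to be treated as attacker-influenced, so rebases and share pricing should rest on accounted principal or on values that cannot be moved within a single transaction.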

Closing remarks

The incident was mainly caused by external dependencies.

In addition, the CertiK official website https://www.certik.com/ has added a community warning function. On the official website, you can always see various community warning information related to vulnerabilities, hacker attacks, and Rug Pull.

CertiK broadcast an early warning of this incident on its official Twitter account [https://twitter.com/CertiKCommunity] as soon as it was detected.

With attacks occurring frequently of late, crypto project teams and users should be more vigilant, and should improve and audit their contract code promptly. Technical teams should also follow security incidents as they happen and check whether similar problems exist in their own projects.
