A review of the attack on Flurry Finance
CertiK
Guest columnist
2022-02-23 13:00
The CertiK security team gives a detailed interpretation and analysis of the contract addresses and attack operations involved.

At 1:46 pm on February 22, 2022 (Beijing time), the CertiK security expert team detected a series of suspicious activities related to Flurry Finance. The Vault contract of Flurry Finance was attacked and assets worth about $293,000 were stolen.

Attack steps

Attacker:

https://bscscan.com/address/0x0f3c0c6277ba049b6c3f4f3e71d677b923298b35

Malicious Token contract:

https://bscscan.com/address/0xb7a740d67c78bbb81741ea588db99fbb1c22dfb7

PancakeSwap trading pair:

https://bscscan.com/address/0xca9596e8936aa8e902ad7ac4bb1d76fbc95e88bb

The attacker takes a flash loan from Rabbit Finance's Bank contract and triggers the execute method of StrategyLiquidate.

The execute method decodes the input data into an LP Token address, from which it further obtains the address of the malicious Token contract.

The attacker uses the attack code in the malicious Token contract to launch a preliminary attack:

https://bscscan.com/address/0xbeeb9d4ca070d34c014230bafdfb2ad44a110142

StrategyLiquidate contract:

https://bscscan.com/address/0x5085c49828b0b8e69bae99d96a8e0fcf0a033369

The malicious Token contract calls the performUpkeep method of the FlurryRebaseUpkeep contract, which recalculates the relevant amounts of the Vault contract and updates the multiplier of the associated Rho Token.

This multiplier is used in the Rho Token balance calculation, and the update is based on the balance held in the profit strategy contract associated with the Vault contract.

The update is triggered while the flash loan is still in progress: the loan has not ended and the borrowed amount has not yet been returned, so the current balance of the Bank contract is much smaller than its normal value. Because the Bank contract is itself part of one of the strategies, that strategy's balance is also smaller than normal, which in turn causes the multiplier to be computed smaller than its normal value.

FlurryRebaseUpkeep contract:

https://bscscan.com/address/0x10f2c0d32803c03fc5d792ad3c19e17cd72ad68b

One of the Vault contracts:

https://bscscan.com/address/0xec7fa7a14887c9cac12f9a16256c50c15dada5c4

The attacker then repays the flash loan, completing the initial attack, and is positioned to profit from the follow-up attacks.

In the following transaction, the attacker deposits tokens while the low multiplier obtained in the previous transaction is still in effect, triggers an update of the multiplier back to a higher (normal) value, and then withdraws tokens at the high multiplier. For example, in one of the initial attack transactions the multiplier was updated to 4.1598e35.

In the transaction of the follow-up attack, the multiplier was updated to 4.2530e35.

Attack example:

https://bscscan.com/tx/0x923ea05dbe63217e5d680b90a4e72d5552ade9e4c3889694888a2c0c1174d830

https://bscscan.com/tx/0x646890dd8569f6a5728e637e0a5704b9ce8b5251e0c486df3c8d52005bec52df

Because the multiplier is one of the factors that determine the Rho Token balance, the attacker's Rho Token balance was increased in that transaction, and he was therefore able to withdraw more tokens from the Vault than he had deposited.

Closing thoughts

The incident was mainly caused by external dependencies: the multiplier was derived from a balance held in an external contract whose value can be temporarily distorted.

Therefore, CertiK's security experts suggest that a project should have a clear understanding of the security of any external contract before interacting with it, and should limit the possible impact that external dependencies can have on its own contracts.
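The following model is an added example written for this write-up; it is not Flurry Finance's or CertiK's code and the vault, strategy and guard are simplified assumptions. It replays the sequence described above (a rebase computed while the strategy's Bank balance is temporarily low, then a deposit at the stale low multiplier, a second rebase, and a withdrawal) and shows how one concrete way of "limiting the impact of external dependencies", a per-rebase bound on how far the multiplier may move, keeps the stale balance from being applied. The fixed-point scale, the 5% bound and the token amounts are constructed for illustration.

```python
# Added example (not Flurry Finance's or CertiK's code): a minimal model of a
# rebasing vault whose token multiplier is recomputed from an external strategy
# balance, to show why a rebase triggered while a flash loan is outstanding
# corrupts the multiplier, and how bounding each rebase limits the damage.
from dataclasses import dataclass, field
from typing import Dict, Optional

SCALE = 10**18  # assumed fixed-point scale for the multiplier


class RebaseRejected(Exception):
    """Raised when a guarded rebase would move the multiplier outside the allowed band."""


@dataclass
class Strategy:
    # Underlying balance the strategy reports to the vault. In the incident this
    # included a Bank contract whose balance shrinks while a flash loan is outstanding.
    balance: int


@dataclass
class RebasingVault:
    strategy: Strategy
    max_change_bps: Optional[int] = None  # None = unguarded; e.g. 500 = reject >5% move
    multiplier: int = SCALE               # rho balance = shares * multiplier / SCALE
    total_shares: int = 0
    shares: Dict[str, int] = field(default_factory=dict)

    def rho_balance(self, who: str) -> int:
        return self.shares.get(who, 0) * self.multiplier // SCALE

    def rebase(self) -> int:
        """performUpkeep-style update: derive the multiplier from the strategy balance."""
        if self.total_shares == 0:
            return self.multiplier
        new_mult = self.strategy.balance * SCALE // self.total_shares
        if self.max_change_bps is not None:
            # Guard: a single upkeep may only move the multiplier within a band around
            # the previous value, so a momentarily distorted balance cannot be applied.
            floor = self.multiplier * (10_000 - self.max_change_bps) // 10_000
            ceil = self.multiplier * (10_000 + self.max_change_bps) // 10_000
            if not floor <= new_mult <= ceil:
                raise RebaseRejected(f"multiplier {new_mult} outside [{floor}, {ceil}]")
        self.multiplier = new_mult
        return new_mult

    def deposit(self, who: str, amount: int) -> int:
        """Mint shares at the current multiplier and push the underlying into the strategy."""
        minted = amount * SCALE // self.multiplier
        self.shares[who] = self.shares.get(who, 0) + minted
        self.total_shares += minted
        self.strategy.balance += amount
        return minted

    def withdraw_all(self, who: str) -> int:
        """Burn all of who's shares and pay out underlying at the current multiplier."""
        owed = self.rho_balance(who)
        self.total_shares -= self.shares.pop(who, 0)
        self.strategy.balance -= owed
        return owed


def run_scenario(max_change_bps: Optional[int]) -> dict:
    """Replay the sequence from the write-up against a vault with the given guard."""
    strategy = Strategy(balance=0)
    vault = RebasingVault(strategy, max_change_bps=max_change_bps)
    vault.deposit("honest", 1_000)            # honest depositor at multiplier 1.0

    # Tx 1: flash loan in progress. The Bank inside the strategy has lent 900 out,
    # so the strategy reports 100 instead of 1_000 when the upkeep is triggered.
    strategy.balance -= 900
    try:
        vault.rebase()                        # unguarded: multiplier falls to 0.1
        stale_rebase_applied = True
    except RebaseRejected:
        stale_rebase_applied = False
    strategy.balance += 900                   # loan repaid; the multiplier is not refreshed

    # Tx 2: deposit at the current multiplier, trigger a rebase back to the
    # value implied by the real balance, then withdraw.
    vault.deposit("attacker", 100)
    vault.rebase()
    paid_out = vault.withdraw_all("attacker")
    return {
        "stale_rebase_applied": stale_rebase_applied,
        "attacker_in": 100,
        "attacker_out": paid_out,
        "honest_left": vault.rho_balance("honest"),
    }


if __name__ == "__main__":
    print("unguarded:", run_scenario(None))   # attacker_out 550, honest_left 550
    print("guarded:  ", run_scenario(500))    # attacker_out 100, honest_left 1000
```

In the unguarded run the 100-token deposit is minted at a multiplier of 0.1 and redeemed at 0.55, so 450 tokens of the honest depositor's value move to the second depositor; with the band in place the stale rebase reverts and the later rebase simply confirms the existing multiplier. The bound is only one layer: it does not remove the root cause, which is deriving a balance-sensitive value from an external contract that anyone can cause to be read at a distorted moment, so restricting who may trigger the upkeep and reading balances that cannot change within the same transaction are the complementary measures a review would ask for.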

An early warning of this incident was issued on the CertiK official Twitter account.

In addition, a community alert function has been added to the CertiK official website, where you can see community warning information related to vulnerabilities, hacker attacks and rug pulls at any time.
