NFT protocol OMNI suffers from reentrancy attacks, loses 1300 ETH in test agents
The NFT money market OMNI experienced a reentrancy attack on the beta version of the protocol. No real funds were stolen, since the attacker only stole 1300 ETH in internal test funds.
The NFT protocol OMNI experienced a hack, and lost 1300 ETH in worthless funds when only internal test funds were stolen and no users’ funds were affected. The incident took place on 10 July.
OMNI was quick to point out that the protocol was still in the beta phase and that only the internal test funds were affected. The team has suspended the protocol and is currently investigating the cause of the attack. PeckShield later said it appeared to be a reentrancy-related hack.
The crypto-security company BlockSec later elaborated on the hack, saying that the attack on the protocol is “due to the old school’s re-introduction of onERC721Received.” It also later highlighted the vulnerabilities in the smart contracts, and showed that the attacker used NFTs to borrow ETH. The borrowed ETH was converted into bad debt that did not require payment.
The team has not yet offered a thorough postmortem on the attack, which usually follows an attack. They are lucky that only internal test funds were stolen. The Defi and NFT rooms have been subjected to several attacks, with bad actors who have done away with hundreds of millions of dollars.
OMNI is an NFT financing protocol which is an NFT money market, which offers lending and lending services. Users can borrow NFTs and other ERC-20 tokens to earn interest on them. The assets can also be used as collateral to borrow assets.
Attacks continue to plague the NFT area
The NFT area, while slowing down in terms of sales, is still one of the most active sectors in the crypto market. This has made it a major target for hackers, who seek to find exploits where they can and do away with the means. Several such incidents have taken place this year alone.
The NFT lending pool XCarnival lost almost $ 4 million on an exploitation, even though the hacker accepted a bounty of 1500 ETH. Bored Ape Yacht Club has also been the target of several attacks – phishing attempts targeting Discord and other social media platforms.
The most prominent hack in this room was the Ronin Bridge, which saw over $ 600 million stolen. Analysts believe that North Korean hackers were behind the incident. However, with the recent market crash, North Korea has seen its stolen crypto value fall to a much smaller amount.
Disclaimer
All information on our website is published in good faith and for general information purposes only. Any action taken by the reader on the information contained on our website is strictly at your own risk.
