Four Black-hat hackers and one white-hat hacker attacked the ForceDAO platform on the day it was launched. The attack happened a few hours after the platform was launched.
ForceDAO, a decentralized finance protocol experienced security challenges in their systems a few hours after they launched. One white-hat hacker and four black-hat hackers attacked their systems, which made it a bad first day of operations for the company.
The hackers managed to launch their campaign on April 3 and the four black-hat hackers managed to walk away with 183 ETH, which was valued at $367,000. However, one white-hat hacker alerted the firm about the attack and this prevented them from incurring any more losses.
ForceDAO responds to the attack
On the twitter pages of ForceDAO, they provided their customers and other interested parties on the effects of the hack on the ForceDAO platforms. The team from ForceDAO transferred 60 million tokens into a deployed wallet after removing them from the treasury wallet. They also carried out three votes that would get rid of the Force token balances in three addresses belonging to the hackers.
The post-analysis of the hacking attempt also stated that not the entire ForceDAO platform was affected. Rather, they stated that the affected component was Sushi Swap smart-contract, which was being used to pull back tokens incase transaction failed to go through.
According to the ForceDAO team, vulnerability on their contract made it possible for the hackers to exploit the platform and create tokens that they later withdrew and traded them for ETH. The team also acknowledged their mistake and stated that it would have been easy for them to be proactive in preventing this attack.
On the tweet, ForceDAO stated that they would have easily prevented the attack by incorporating a Standard Open Zeppelin ERC-20 or by adding a Safe Transfer on the xSushi contract. The firm also confirmed that they had alerted the relevant security authorities about the hack and that the matter was under investigation.
They also stated that preliminary findings in the investigations showed that some of the hackers’ addresses came from popular exchange platforms such as Binance and FTX. The firm also confirmed that they would relaunch the airdrop campaign using a new xForce token.
After the ForceDAO launch and the airdrop campaign, the xForce toke prices rose to more than $2 on April 4. However, after the hack was revealed, this price dropped to $0.05, which is a 95% drop.