Earlier, OlympusDAO users were briefly alarmed after a hacker took 30,000 OHM tokens worth $300,000 through an exploit and then returned the funds.
The hacker appears to be a white hat who exploited a flaw in the smart contract for OHM Bonds, a new product, and got access to the system.
OlympusDAO Confirms Exploit
Developed last year, OlympusDAO is a decentralized reserve money technology. Their OHM Bonds product recently began testing. The DAO alerted its members to the hack in the Discord server after discovering the exploit.
“This morning, an exploit occurred through which the attacker was able to withdraw roughly 30K OHM ($300K) from the OHM bond contract at Bond Protocol. This bug was not found by three auditors, nor by our internal code review, nor reported via our Immunefi bug bounty,” the announcement read.
The funds affected were limited as a result of the staggered implementation, OlympusDAO added.
The amount stolen is merely a fraction of the $3.3 million bounty the hacker could have claimed if they had reported the exploit.
The DAO team announced at the time that it had stopped the affected markets and was exploring ways to compensate the affected users.
Hacker Returns Stolen Funds
The OlympusDAO team didn’t have to wait long, either, because the hacker returned all the funds.
“Funds have been returned to the DAO wallet,” the community update for the DAO states.
The hacker declined to reveal why he decided to refund the money. Some have suggested that he might be drawing attention to the flaw, though.
Regardless, the hack exposes DeFi smart contracts’ vulnerability even as the technology advances.
In October, there were a record number of cryptocurrencies stolen from DeFi ecosystems.
Mango Markets, Moola Market, BNB Chain, and many others were among the compromised protocols from which hundreds of millions of dollars were stolen.