avatar

CertiK: Rikkei Finance Attacked Due to Lack of Access Control on setOracleData Function

CertiK tweeted that Rikkei Finance was attacked due to a lack of access control on function setOracleData. The attacker changed the oracle to a malicious contract, and then manipulated prices, borrowed funds to then drain $USDC, $BTCB, $DAI, $USDT, $BUSD and $BNB from the contract in successive transactions. The attacker swapped all of those tokens to 2,671 $BNB (about $1.11 million) and then used Tornado Cash to transfer those $BNB out of his address.
Source

Metaverse

DeFi

Security Incidents

In This Article

Related News
Term Finance recovers $1 million of $1.6 million loss to oracle configuration error Term Finance recovers $1 million of $1.6 million loss to oracle configuration error
Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain
Stablecoin neobank Infini exploited for $49 million: security analysts Stablecoin neobank Infini exploited for $49 million: security analysts
Wildcat, the decentralized credit platform built by Crypto Twitter mainstay Laurence Day, launches new version on Ethereum Wildcat, the decentralized credit platform built by Crypto Twitter mainstay Laurence Day, launches new version on Ethereum
NoOnes CEO Ray Youssef discloses $8 million exploit weeks after the fact, confirming crypto sleuth ZachXBT's investigation NoOnes CEO Ray Youssef discloses $8 million exploit weeks after the fact, confirming crypto sleuth ZachXBT's investigation
Latest News More More
13 Hours Ago Sei community weighs proposal to deprecate native Cosmos accounts, move to EVM-only model
1 Day Ago Ethereum developers activate Pectra upgrade with 11 changes to improve UX, validator ops and Layer 2 scaling
2 Days Ago Solana validators patch zero-day bug that could have led to unlimited minting of certain tokens
2 Days Ago Riot Platforms sells mined bitcoin for first time since January 2024, nets $38.8 million
April 29 Circle secures in-principle approval to operate as money services provider in Abu Dhabi

About TokenInsight

Services

Products

Support

Google Play
Google Play
Google Play
2018 – 2023 © TokenInsight Ltd. All rights reserved
Disclaimer Terms of Service Privacy Policy
delate
Use TokenInsight App All Crypto Insights Are In Your Hands
Open