Decoding Rubic Exchange Exploit | QuillAudits

Summary:

Introduction to the Protocol and How Its Tech Works:

Check out the official docs for more info on the protocol.

Vulnerability Analysis & Impact:

On-Chain Details:

Setting USDC as Router Txn: 0x30679e7b6b410fb78368f5fb6e4c203e44d81c66ae9014c797e40856be1bbe66

Attacker transfer Txns:
0x9a97d85642f956ad7a6b852cf7bed6f9669e2c2815f3279855acf7f1328e7d46
0x6551b933b984342fd353d4b522aee7db500900e208dc1337b0c1f17647e36e56

The attack:

See here: 0x30679e7b6b410fb78368f5fb6e4c203e44d81c66ae9014c797e40856be1bbe66

The attack started with the attacker funding his wallet with 0.19 ETH from the SWFT swap.

Then, the attacker took advantage of the flaw in the contract and started transferring USDC tokens from users (who had approved their tokens to the router contract) to his contract via the transferFrom interface.

The attacker then swapped USDC tokens for ETH and sent the tokens to his wallet.

The hacker made 2 such transactions, stealing around 1.45 Million. He then transferred the stolen funds through Tornado Cash.
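The pattern described above, as an added example that is not from the original post or from Rubic's code: a minimal Python model, assuming the proxy forwards caller-supplied calldata to any whitelisted router address, of why a token on the router whitelist exposes users' approvals, with two checks that stop it. All class names, function names and balances are constructed for illustration.

```python
TRANSFER_FROM = "23b872dd"  # selector of ERC-20 transferFrom(address,address,uint256)
PROXY = "proxy"             # address the token sees as msg.sender

class Token:
    """Constructed ERC-20 model: balances and allowances only."""
    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowance = {}  # (owner, spender) -> approved amount
    def call(self, sender, selector, args):
        owner, to, amount = args
        if selector != TRANSFER_FROM or self.allowance.get((owner, sender), 0) < amount:
            raise PermissionError("call rejected by token")
        self.allowance[(owner, sender)] -= amount
        self.balances[owner] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount

class Proxy:
    """Hypothetical swap proxy forwarding caller-supplied calls to whitelisted routers."""
    def __init__(self, contracts, known_tokens, hardened):
        self.contracts, self.known_tokens = contracts, known_tokens
        self.hardened, self.routers = hardened, set()

    def add_router(self, addr):
        # Hardened check 1: a token contract is never a valid router.
        if self.hardened and addr in self.known_tokens:
            raise ValueError("refusing to whitelist a token as router")
        self.routers.add(addr)

    def router_call(self, router, selector, args):
        if router not in self.routers:
            raise PermissionError("router not whitelisted")
        # Hardened check 2: never forward transferFrom, whatever the target.
        if self.hardened and selector == TRANSFER_FROM:
            raise PermissionError("transferFrom must not be forwarded")
        # The token sees the proxy as the caller, so users' approvals apply.
        self.contracts[router].call(PROXY, selector, args)

def simulate(hardened, force_whitelist=False):
    """Return (victim, attacker) balances after a forwarded transferFrom."""
    usdc = Token({"victim": 1000})
    usdc.allowance[("victim", PROXY)] = 1000  # victim approved the proxy
    proxy = Proxy({"usdc": usdc}, {"usdc"}, hardened)
    try:
        # force_whitelist models a whitelist that already contains the token
        (proxy.routers.add if force_whitelist else proxy.add_router)("usdc")
        proxy.router_call("usdc", TRANSFER_FROM, ("victim", "attacker", 1000))
    except (ValueError, PermissionError):
        pass  # rejected: balances unchanged
    return usdc.balances["victim"], usdc.balances.get("attacker", 0)
```

`simulate(False)` shows the approval being spent through the proxy; `simulate(True)` and `simulate(True, force_whitelist=True)` show each check rejecting the call independently.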

After the Exploit:

Status of Funds:

Currently, the attacker has 0.049 ETH, i.e. $60, in his wallet.


Smart Contract Auditing Experts , Making web3 a safer place . audits@quillhash.com
