We use cookies to improve your experience.
Lost or forgotten your password? Please enter your email ddress. You will receive mail with link to set new password.
NFT protocol OMNI experienced a hack where 1,300 ETH in internal testing funds stolen.
The attacker carried out a reentrancy attack.
The NFT space continues to be a prime target for bad actors.
Deposit and make your first trade for up to $3,000 in rewards Get Started Now!
NFT money market OMNI experienced a reentrancy attack on the beta version of its protocol. No real funds were stolen, as the attacker only stole 1,300 ETH in internal testing funds.
if (!window.AdButler){(function(){var s = document.createElement(“script”); s.async = true; s.type = “text/javascript”;s.src = ‘https://servedbyadbutler.com/app.js’; var n = document.getElementsByTagName(“script”)[0]; n.parentNode.insertBefore(s, n);}());}
var AdButler = AdButler || {}; AdButler.ads = AdButler.ads || [];
var abkw = window.abkw || ”;
var plc514000 = window.plc514000 || 0;
AdButler.ads.push(function(){
AdButler.enableLazyLoading();
});
AdButler.ads.push({handler: function(opt){ AdButler.register(177750, 514000, [300,600], ‘placement_514000_’+opt.place, opt); }, opt: { place: plc514000++, keywords: abkw, domain: ‘servedbyadbutler.com’, click:’CLICK_MACRO_PLACEHOLDER’ }});
NFT protocol OMNI experienced a hack, losing 1,300 ETH in valueless funds as only internal testing funds were stolen, and no users’ funds were affected. The incident took place on July 10.
if (!window.AdButler){(function(){var s = document.createElement(“script”); s.async = true; s.type = “text/javascript”;s.src = ‘https://servedbyadbutler.com/app.js’; var n = document.getElementsByTagName(“script”)[0]; n.parentNode.insertBefore(s, n);}());}
var AdButler = AdButler || {}; AdButler.ads = AdButler.ads || [];
var abkw = window.abkw || ”;
var plc460554 = window.plc460554 || 0;
AdButler.ads.push(function(){
AdButler.enableLazyLoading();
});
AdButler.ads.push({handler: function(opt){ AdButler.register(177750, 460554, [300,250], ‘placement_460554_’+opt.place, opt); }, opt: { place: plc460554++, keywords: abkw, domain: ‘servedbyadbutler.com’, click:’CLICK_MACRO_PLACEHOLDER’ }});
Statement:
1/ OMNI is still in a testing (beta). No customer funds were lost, only internal testing funds were affected!
We have suspended the OMNI protocol until we completed the investigation and have everything reviewed again by external security and auditing firms.
OMNI was quick to point out that the protocol was still in the beta phase and that it was just the internal testing funds that were affected. The team has suspended the protocol and is currently investigating the cause of the attack. PeckShield later said that it seemed to be a reentrancy-related hack.
It seems a reentrancy-related hack. @ParallelFi @OMNI_xyz The stolen funds were just mixed via @TornadoCash https://t.co/Nyunlkk3rr pic.twitter.com/XxxVyX80Fq
Crypto security firm BlockSec later elaborated on the hack, saying that the attack on the protocol is “due to the old-school reentrancy of onERC721Received.” It also later highlighted the vulnerabilities in the smart contracts, showing that the attacker used NFTs to borrow ETH. The borrowed ETH was turned into bad debt that didn’t require paying.
1/ Now it's safe to disclose the root cause. The attack(https://t.co/iitml2DybH) on Omni Protocol @ParallelFi is due to the old-school reentrancy of onERC721Received.
The team hasn’t yet offered a thorough postmortem on the attack, which usually follows an attack. They are fortunate in that only internal testing funds were stolen. The DeFi and NFT space has been subject to several attacks, with bad actors making away with hundreds of millions of dollars.
OMNI is an NFT financialization protocol that is an NFT money market, offering lending and borrowing services. Users can lend NFTs and other ERC-20 tokens to earn interest on them. The assets can also be used as collateral for borrowing assets.
The NFT space, while it has been slowing down in terms of sales, remains one of the most active sectors in the crypto market. This has made it a prime target for hackers, who seek to find exploitations where they can and make away with the funds. Several such incidents have taken place this year alone.
NFT lending pool XCarnival lost nearly $4 million in an exploit, though the hacker accepted a 1,500 ETH bounty. The Bored Ape Yacht Club has also suffered multiple attacks — phishing attempts that targeted Discord and other social media platforms.
The most prominent hack in this space was that of the Ronin Bridge, which saw over $600 million stolen. Analysts believe that North Korean hackers were behind the incident. With the recent market crash, however, North Korea has seen its stolen crypto value dwindle to a much smaller sum.
Rahul's cryptocurrency journey first began in 2014. With a postgraduate degree in finance, he was among the few that first recognized the sheer untapped potential of decentralized technologies. Since then, he has guided a number of startups to navigate the complex digital marketing and media outreach landscapes. His work has even influenced distinguished cryptocurrency exchanges and DeFi platforms worth millions of dollars.
Join our Telegram Group and get trading signals, a free trading course and daily communication with crypto fans!
Join Our Telegram
Stay tuned with daily newsletters that make reading the news simple and enjoyable
Make your first deposit and trade now to earn up to $3,000 in rewards!
UUEX airdrop: Sign up to get 50 USDT, you can Withdraw to Wallet
Poloniex.com – Earn up to 30% staking rewards anytime with our mobile app