Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
According to official news, Polkadot's ecological oracle and prediction protocol OptionRoom stated that it was affected by the "cross-chain asset bridge ChainSwap attack", and many projects including OptionRoom were affected by the hacker attack. Hackers can obtain 2.3 million ROOM tokens on Ethereum and 10 million ROOM tokens on BSC. OptionRoom noticed the hacking before the hackers sold any tokens and decided to remove liquidity from Uniswap and Pancakeswap to protect token holders and liquidity providers from being sold to the liquidity pool by hackers. By selling the deployer's tokens to the Uniswap pool, OptionRoom was able to recover $342,117. In this way, OptionRoom successfully extracted liquidity on behalf of the liquidity provider of the project. The recovered amount will be allocated according to the share of the liquidity provider. Attack method (per SlowMist): Contract Vulnerability. Reported loss: 12,300,000 ROOM.
- chain
- ethereum
- protocol
- OptionRoom
- bug_class
- oracle
- date_occurred
- 2021-07-11
- loss_usd
- —
- source_id
- sm:optionroom::2021-07-11