TempleDAO Loses $2 Million in Latest Exploit

Funds were converted to ether and moved to a new wallet

by Bessie Liu /
article-image

Source: DALL·E

share

key takeaways

  • An estimated 1.1 million TEMPLE was sold off
  • The root cause of the exploit was insufficient access control to the migrateStake function, according to BlockSec

TempleDAO, a yield-farming DeFi protocol, has been exploited for around $2.34 million.

All funds exploited were converted to ether and then moved to a new wallet, where they now sit. 

The pseudonymous Doc Peppercorn, a contributor to TempleDAO, posted on its Discord group that a series of transactions through Stax Finance, a TempleDAO-affiliated dapp, led to the sell-off of an estimated 1.1 million TEMPLE, the primary token of the Temple Protocol.

“We are investigating what happened so we can bring you the full picture of how this occurred, what we did to resolve and any further remediation steps,” he wrote.

The root cause of the exploit was insufficient access control to a specific function in the Stax smart contract, according to security firm BlockSec.

Prior to the exploit, TempleDAO’s protocol’s total value locked was about $57 million, according to DeFiLlama. The exploit amounted to roughly 4% of the protocol’s assets. 

According to a recent report published by bug bounty and security services platform, Immunefi, DeFi protocols remain a key target for exploits in comparison to centralized finance — representing a total of 98.8% of losses in Q3 of 2022 — with the Nomad Bridge hack and the Wintermute exploit making up the majority of the losses.

The two most targeted chains were Binance’s BNB Chain, which was recently drained of over 2 million BNB, and Ethereum, according to the report.

At the time when the report was published, the BNB Chain had suffered from 16 individual attacks resulting in the loss of 28.6% of all losses across targeted chains, and Ethereum reported 13 incidents which represented 23.2% of total losses.

The exploiter’s address was originally funded from an address on the Binance Exchange, so it’s possible the exchange may have know-your-customer information on the culprit.

A Binance spokesperson did not immediately respond to a request for comment.

Stax Finance is exploring its options.

Loading Tweet..

Temple DAO said that its Core Vaults do not share code with Stax and are therefore unaffected.

Don’t miss the next big story – join our free daily newsletter.

Tags

Upcoming Events

Permissionless III

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

join us in Salt Lake City, UT

Digital Asset Summit 2024 | London

MON - WED, MARCH 18 - 20, 2024

Crypto’s premier institutional conference returns to London in March 2024. The DAS: London Experience:  Attend expert-led panel discussions and fireside chats  Hear the latest developments regarding the crypto and digital asset regulatory environment directly from policymakers and experts   Grow your network […]

join us in Hilton Metropole | 225 Edgware Rd, London

buy tickets

recent research

Pyth Cover.jpg

Research

Pyth Network: Pull, Not Push

Pyth is a low latency pull-based oracle. In a future that looks increasingly high frequency, with various alt L1s and L2s that have significantly shorter block times than Ethereum, and an explosion of “high-frequency” protocols such as oracle or CLOB perp DEXs, Pyth’s low latency oracle product looks much better positioned to capture a significant amount of market share in comparison to competitors.

by Ren Yu Kong

/

news

article-image

Business

Binance CEO Changpeng Zhao to step down: WSJ

The Binance executive is also reportedly set to make an appearance in a Seattle courtroom Tuesday

by Katherine Ross /
article-image

Business

Bullish or bearish? A wild 24 hours for crypto exchanges

Monday developments reaffirmed the US as unfriendly to crypto while also offering a potential bullish outlook for segment firms, industry watchers say

by Ben Strack /
article-image

Policy

DOJ to announce ‘significant’ crypto enforcements alongside CFTC, Treasury

It’s unclear what “actions” the CFTC, DOJ and Treasury will announce Tuesday afternoon

by Katherine Ross /
article-image

DeFi

Wannabe L2 Blast bursts onto scene promising high ETH yield — in 3 months

Some 18,000 accounts have already sent $27 million in crypto to a one-way bridge controlled by a Blast multisig

by Macauley Peterson /
article-image

DeFi

Telegram trading bot tallies daily volume topping $16M

Telegram bots have seen a cumulative trading volume of over $4 billion

by Bessie Liu /
article-image

DeFi

Avalanche gets the ‘Ordinals’ bump, sets new transaction record

Avalanche has been inundated with transactions for inscriptions, similar to the Ordinals that already hit Bitcoin, Litecoin and Dogecoin

by Bessie Liu /