Ribbon Finance
Multi-Chain
Last audited on 2021/09/09
No active critical issues
Last Issues (23)
Low | Medium | High | Critical | Total | |
|---|---|---|---|---|---|
Not fixed | - | - | - | - | 0 |
Fixed | 16 | 5 | 1 | 1 | 23 |
| Total | 16 | 5 | 1 | 1 | 23 |
Reported rekts
Ribbon Finance was reported as rekt on 2022/06/23
Click to show description
Quick Summary A DNS attack was made on Ribbon Finance. During the attack one of the users lost 16.5 $WBTC. Details of the Exploit https://www.youtube.com/watch?v=U4xMcd_1mKY A DNS attack was carried out on the Ribbon Finance project, during which 16.5 $WBTC was lost. The on-chain analysis revealed that the attack has common features with the DNS attack on Convex Finance and was made by the same hacker team. Hackers created a similar website with a malicious contract that required calling the approve() function. Block Data Reference Scammer address: https://etherscan.io/address/0xb73261481064f717a63e6f295d917c28385af9aa Contract creator address: https://etherscan.io/address/0x47832f5505847b6e1cce802201c55ad885146fc6 Malicious contract address: https://etherscan.io/address/0x65a8ec2c367a2d60efc1944c6eab614d73453b2f Transferring 16.5 $WBTC from "victim" to scammer address transaction: https://etherscan.io/tx/0xd09057f1fdb3fa97d0ed7e8ebd8fd31dd9a0b5b61a29a22b46985d6217510850
Audit (1)
| # | Name | Auditor | Date | Chains | Issues |
|---|---|---|---|---|---|
| 1 | Ribbon Finance Audit | OpenZeppelin | 2021/09/09 | Off-Chain (Private) | No active critical issues |