Hacker Steals $1.45M from OneRing Finance

Crime, News | March 23, 2022 By:

Earlier this week, the project OneRing Finance experienced a flashloan attack. The hacker managed to get away with over $1.4 million worth of USDC via a unique flashloan attack which totaled to almost $2 million after fees. The attack happened in this transaction due to a flashloan-assisted price manipulation of the LP tokens. The funds from the attack were moved to Ethereum and then Tornado Cash, which hides future movement of them.

According to OneRing Finance, the $RING token is completely safe and hasn’t been involved in the hack, none of the liquidity pools have suffered. Only the oShare tokens were exploited, addimng that their multiple farming opportunities in the Fantom space are also as safe as before, Spookyswap, Spiritswap, Beethoven and all their partners are safe to use.

Commenting on the hack, CertiK’s CEO and cofounder Ronghui Gu said that the attack was mainly due to a flashloan-assisted price manipulation of the LP tokens.

“Currently, OneRing has another contract that CertiK is auditing which highlights the flashloan attack vulnerabilities. This is why CertiK highly recommends and stresses the importance of auditing before project deployments,” Gu said.