DODO DEX Suffers $2.1M Hack

DODO, a crypto exchange with contracts on both Binance’s Smart Chain and Ethereum, has suffered a $2.1M hack.

The hacker attacked DODO’s Crowdpools, which the project launched in February as part of their version 2 (V2).

“On March 8, Several DODO V2 Crowdpools were attacked. WSZO, WCRES, ETHA, and FUSI pools were impacted, while AC pool funds have been fully recovered,” the team said on Twitter. “Funds in all other pools, including all V1 pools and all non-Crowdpool V2 pools, are safe.”

DODO said it is working closely with its security partner and experts to recover the funds and will “provide more information as soon as it becomes available.” 

Luciano Orlando, founder of DeFi LATAM, told The Defiant that while he might be “missing some of the tech specs of the exploit… the core point is that the initialization function for those pools shouldn’t have been publicly accessible.”

This allowed the hacker to mint fake ERC-20 tokens for their DODO pool, reinitialize the WCRES/USDT pool and deposit the fake tokens inside, then remove the liquidity, according to Orlando.

In response, the DODO team has halted the pool creation portal on the exchange.DODO’s V2 docs Crowdpools function similarly to call auctions, the most successful of which had $25M of funds staked in the last three hours before the hack.

Get smarter on DeFi and Web3

Get the 5-minute free newsletter keeping 60K+ crypto innovators in the loop.

No spam. Unsubscribe anytime.

Trending Now

CelsiusWithdrawalsPaused
Celsius Defies Fear of Implosion as Token Soars 218%
MarketsPump
Crypto Markets Sustain Rally After Monster Rate Hike
UniswapLPFeesPassETH
Uniswap Tops Ethereum in Terms of Daily Fees

Recent Jobs