Security Breach At Dolomite: Users Urged To Take Precautionary Measures

The Ethereum contracts associated with the popular decentralized exchange, Dolomite, recently fell victim to a concerning approval attack, resulting in a significant loss estimated at around $1.9 million. 

The old contracts of @Dolomite_io on Ethereum suffered an approval attack, resulting in a loss of ~$1.9M.

The hacker exploited the batchTransfer function of the TradeDelegate contract to transfer tokens approved to the contract from users. The batchTransfer function can only be… https://t.co/kXZsIXPtkI pic.twitter.com/SwnwwEvszA

— Beosin Alert (@BeosinAlert) March 21, 2024

The attack targeted the batchTransfer function within the TradeDelegate contract, exploiting tokens approved to the contract from unsuspecting users. This function, designed to be accessible only by approved addresses, was manipulated by the hacker to their advantage.

In response to the breach, the Dolomite team took swift action by submitting a transaction to disable the exploited contract, thereby preventing further unauthorized access.

2/

We have submitted a transaction that disables the exploited contract from being called anymore.https://t.co/gtE0HRueqg

In the interest of providing real time updates, we are posting this now as we investigate, and we will update this thread as we learn & do more.

— Dolomite