Vestra DAO, a decentralized autonomous organization, has fallen victim to a cyber attack after a hacker exploited a logical flaw in its token staking contract.
On-chain analysts reported suspicious activity involving the movement of VSTR tokens. The stolen tokens, worth around $500,000, were quickly funneled through the Tornado mixer to obscure their origins. While the attack was considered relatively small in scale, it raised concerns about the security risks for other participants in the platform.
The exploit was first identified by blockchain researcher Chaofan Schou, who urged users to immediately revoke permissions on their wallets to mitigate further exposure.
In a recent post on X, Vestra DAO acknowledged the hack. The organization confirmed that it had quickly identified the issue, implemented necessary precautions, and blacklisted the compromised contract to prevent any further damage. Also stating that the hack led to a total of 73,720,000 VSTR being stolen.
The compromised smart contract involved in the hack contained the remaining 755 million VSTR tokens, accounting for 1.51% of the total token supply. Although the hack targeted a relatively small portion of the overall token pool, the resulting market crash caused a significant loss in value for the project.
However, Vestra DAO may have enough reserves to compensate affected users, but the incident has raised concerns about its security practices and tarnished its reputation.
How the Smart Contract Was Exploited
The hacker behind the breach acted swiftly, transferring 0.51 ETH to Beaverbuild to ensure priority inclusion of their transactions in the blockchain. Over several hours, the attacker flooded the network with multiple spam transactions, each involving either 520,000 or 500,000 VSTR tokens.
The attacker exploited a logical flaw in Vestra DAO’s staking contract, receiving 20,000 VSTR tokens with each transaction. The hacker had previously staked their tokens in the contract about a month ago, using the time to analyze the vulnerability and devise their strategy.
Moreover, in a bid for rapid execution, the attacker spent $40,000 on Ethereum gas fees, temporarily becoming the largest gas spender on the blockchain.
Following the hack, the VSTR token’s price plummeted from $0.013 to $0.005 almost immediately. Although the token later saw a slight recovery, rising to $0.009, it remains highly volatile and lacks liquidity.
Read More
- Bitcoin Competes with Gold, Not Currency, Says Fed Reserve Chairman
- NYC Mayor Eric Adams Taunts Critics, Celebrates Bitcoin Gains
- US Government Transfers $33.6M in Seized FTX Crypto to Unknown Wallets
Michaela has no crypto positions and does not hold any crypto assets. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.