About OLIFE

OLIFE is a BEP20 charity token that operates on the Binance Smart Chain (BSC). The token is focused on supporting charities that are working to combat the critical issue of overfishing and the destruction of marine life in our oceans. As part of its mission, OLIFE aims to provide financial assistance to charities in this space by donating a portion of its proceeds to support their activities. By investing in OLIFE, users can contribute to this worthy cause while also potentially earning returns on their investment.

Overview:

In a startling incident on April 19, 2023, the Ocean Life token was the target of a malicious attack. According to some research, the attacker was able to exploit a flaw in the token’s mechanism, which allowed them to decrease the overall token supply and manipulate its price. As a result of this sophisticated attack, the value of the token plummeted to zero, resulting in severe financial losses for investors who held the token. In addition, the hacker was able to earn a staggering 32,29 WBNB in the process, which further highlights the severity and scale of the attack.


OLIFE token Price

About the Attacker:


Address where the stolen funds were transferred


OceanLife Contract code:

Vulnerable code part in OceanLife contract:


Overview of the Attacker transaction:


  • Attacker’s Transaction

Let’s break down the attack:

The attacker behind the recent hack on the OceanLife token borrowed a significant amount of funds in a flashloan from DPPOracle. Specifically, the attacker reportedly borrowed 969 WBNB tokens using this mechanism. Once the flashloan was secured, the attacker then proceeded to use PancakeSwap, a popular decentralized exchange, to convert the borrowed WBNB tokens into OLIFE tokens.

This process involved a series of complex transactions that were carried out within a very short period of time. By using a flashloan, the attacker was able to obtain a large amount of capital without having to put up any collateral or undergo a credit check. This allowed them to carry out the attack on the OLIFE token with minimal financial risk.


flashloan from DPPOracle


Understanding the ‘Reflect Fee’ Function and its Role in the OLIFE Token Attack

The attacker reportedly exploited a flaw in the token’s code that allowed them to manipulate the total token supply. Specifically, the attacker was able to decrease the overall value of _tTotal, the total supply of the token, by internally calling the ‘_reflectFee’ function within the transfer function.

The ‘_reflectFee’ function is a common feature in many token contracts and is designed to redistribute a portion of transaction fees to all token holders. However, in this case, the attacker was able to use this function to decrease the total token supply, which in turn caused the value of each individual token to decrease as well.


The balance of the pool was significantly higher after accumulation when computed using the balanceOf() function, which is designed to return the balance of a specific address within a token contract.

Using this information, the attacker was then able to use a direct call to the swap function to withdraw WBNB tokens from the pool. This allowed them to steal a significant amount of funds from the pool, which in turn resulted in significant financial losses for token holders.
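Added example (not from the original post and not the OLIFE contract's code): a toy reflection token in Python showing how a fee reflection raises the pool's balanceOf() result with no transfer to the pool, and a monitoring check that flags the gap against the pair's cached reserve. The class and function names, the share scale, the 5% fee and the holder amounts are assumptions made for illustration.

```python
class ReflectionToken:
    """Toy reflection token: holders own shares (r_owned) of r_total."""

    def __init__(self, holders, scale=10**6):
        self.t_total = sum(holders.values())
        self.r_total = self.t_total * scale  # share scale is an assumption
        self.r_owned = {h: amt * scale for h, amt in holders.items()}

    def balance_of(self, holder):
        # Balance is derived, not stored: shrinking r_total raises it.
        return self.r_owned.get(holder, 0) * self.t_total // self.r_total

    def transfer(self, src, dst, amount, fee_bps=500):
        r_amount = amount * self.r_total // self.t_total
        r_fee = r_amount * fee_bps // 10_000
        if self.r_owned.get(src, 0) < r_amount:
            raise ValueError("insufficient balance")
        self.r_owned[src] -= r_amount
        self.r_owned[dst] = self.r_owned.get(dst, 0) + r_amount - r_fee
        self._reflect_fee(r_fee)

    def _reflect_fee(self, r_fee):
        # The fee shares leave the shared pool, so every holder's slice grows.
        self.r_total -= r_fee


class Pair:
    """Pool that caches its reserve, as a Uniswap-V2-style pair does."""

    def __init__(self, token, name="pair"):
        self.token, self.name = token, name
        self.reserve = token.balance_of(name)

    def sync(self):
        self.reserve = self.token.balance_of(self.name)


def reserve_drift(pair):
    """Tokens balanceOf() credits to the pair beyond its cached reserve."""
    return pair.token.balance_of(pair.name) - pair.reserve


def drift_alert(pair, threshold_bps=10):
    # A swap treats balance minus reserve as tokens paid in, so drift with
    # no matching deposit is unbacked input credit; alert above threshold.
    return reserve_drift(pair) * 10_000 > pair.reserve * threshold_bps


def demo():
    # Constructed sample state: two holders, one of them the pool.
    token = ReflectionToken({"pair": 1_000_000, "alice": 1_000_000})
    pair = Pair(token)
    token.transfer("alice", "bob", 400_000)  # the pair is not a party
    return reserve_drift(pair), drift_alert(pair)
```

Running the same comparison of balanceOf(pair) against the pair's stored reserve on live data is a practical monitoring signal for reflection tokens paired on an AMM.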


balanceOf() call

The hacker returned the 969 WBNB flashloan and transferred the resulting profit of 32 WBNB to a separate address.


Exploit conclusion:

In summary, the OLIFE token on the Binance Smart Chain (BSC) was subject to a devastating attack on April 19, 2023, resulting in the total loss of value. The attacker exploited a flaw in the token’s mechanism, which allowed them to decrease the overall token supply and manipulate its price, causing severe financial losses for investors who held the token. The attacker borrowed 969 WBNB tokens using a flashloan from DPPOracle and proceeded to use PancakeSwap to convert the borrowed WBNB tokens into OLIFE tokens. The attacker then manipulated the token pool balance using the ‘balanceOf()’ function and used a direct call to the swap function to withdraw WBNB tokens from the pool, resulting in a significant financial loss for token holders. The attacker returned the 969 WBNB flashloan and transferred the resulting profit of 32 WBNB to a separate address.

The attack highlights the importance of implementing robust security measures, such as frequent audits of token contracts and exchanges, to prevent such attacks from occurring in the future.

To maintain the security and integrity of cryptocurrency ecosystems, it’s important to follow best practices and implement effective mitigation strategies:

To minimize the risk of potential security vulnerabilities, it’s crucial to ensure that any state changes occur internally first. This means that balances should be updated and internal functions called before external code is executed. This approach can help prevent potential attacks, such as price manipulation attempts, by ensuring that internal state changes are executed securely and accurately.

When it comes to mitigating the risk of price manipulation attempts, using oracles like Chainlink can be effective. By validating the input parameters and preventing stale data, these oracles can help ensure that the price data is accurate and up-to-date, reducing the risk of manipulation. It’s important to validate the inputs carefully to ensure that they are accurate, as any errors in this process can result in significant financial losses.

Conclusion:

In conclusion, the recent attack on the Ocean Life token underscores the need for robust security measures and frequent audits of token contracts and exchanges to prevent such attacks from happening in the future. To maintain the security and integrity of cryptocurrency ecosystems, it is crucial to follow best practices and implement effective mitigation strategies. Our company, SCT ITALIA, offers audit security services to help ensure that your token contract is secure and free from vulnerabilities that can be exploited by attackers. By taking proactive measures to secure your token, you can reduce the risk of financial losses and protect the investments of your users.