The hack was allegedly caused by “a missing onlyMigrator check.”
TempleDAO, a yield-farming Decentralized Finance (DeFi) protocol, lost over $2.34M to a hack on Oct 11.
The exploit was announced by twitter account holder @spreekaway, who shared that the Defi platform had been hacked, along with a snapshot of how the stolen funds had been moved.
.@templedao exploited for $2m it seems pic.twitter.com/k0nBLSoxnx
— Spreek (@spreekaway) October 11, 2022
Blockchain Security companies Blocksec and Pecksheild confirmed in a series of tweets that the exploit had indeed occurred. Blocksec shared that the root cause of the attack was “insufficient access to control to the migrateStake function.”
TempleDao @templedao has been attacked. The root cause is the insufficient access control to the migrateStake function.https://t.co/eUwSMkZrEt pic.twitter.com/zXBUwzQ2Oy
— BlockSec (@BlockSecTeam) October 11, 2022
While Peckseild claimed that the exploiter funded from Simpleswap had transferred 1,831ETH ($2.34M) to a new addr
GIPHY App Key not set. Please check settings