Describing what’s happened: Hacker used governance portal, in one contract he created a proposal that probably changes the oracle that provides BUSD price. In 1 transaction he proposed the proposal and voted for it, minted USDV and draining pools on wagyu. It’s done in 1 contract, same block and only 1 transaction.
https://evmexplorer.velas.com/tx/0x319c6ae4b120e533bfb2b2dd48d7777185f38fb98e903297aed28cd47d18ed2a
We can’t check the changes, but it seems that he voted for changing oracle, that provides price for BUSD.
Minimum amount for participating and voting is 30.000 VDGT so he possibly made a proposal and voted for it.
At the moment we contacted Crystal, AMLBot and HAPI, address has been marked We also contacted Uniswap, maybe they can help us somehow.. Hopefully, there some funds left on Kucoin but we need to wait to get information about it.
Also we’re working on solution for buying back current vaults, all of them are in safe.
Those who held and bought USDV — after we will understand more details regarding hacker and other amount of drained money — we will apply buyback mechanism.
As we see, ±350.000k USD in total were drained from Velas Blockchain.
Explainer step by step:
#1 sending VDGT tokens (30k) to the address of the contract with the exploit
#2
calling the vote method (votes 30k VDGT) from DsChief for accepting changes in the system (https://evmexplorer.velas.com/address/0xCC9D0895AE3e8Ce578346C92cd0563ae3526A55b)
#3 Sending BUSD (105) tokens to the address of the exploit contract
#4
sending BUSD tokens (100) to unknown contract (0xc0845342A37fdf55eb13D0cF64e6AA43b2488E8c)
#5
Deposit 100 BUSD to the contract address JOIN_BUSD (0x4368d9F91C40EA8Ac9F11A4f9289889f56D32Df8), for further generation of USDV tokens
#6 USDV token generation
#7 Exchange on wagyu for USDV -> BUSD
#8 Exchange on wagyu USDV -> WBTC
#9 Exchange on wagyu USDV -> DAI
#10 Exchange on wagyu USDV -> ETH
#11 Exchange on wagyu USDV -> VLX
#12 send 500,000,000,000 USDV to the address from which the transaction that triggered the exploit was sent (0xA10B21aFC713B600C52E75723Ddd53dE26900dA1)
It’s all within one transaction:
Withdrawals:
5 WBTC — https://evmexplorer.velas.com/address/0x639A647fbe20b6c8ac19E48E2de44ea792c62c5C
2.0161 WBTC — https://evmexplorer.velas.com/address/0x639A647fbe20b6c8ac19E48E2de44ea792c62c5C
35000 DAI — https://evmexplorer.velas.com/address/0xf27Ee99622C3C9b264583dACB2cCE056e194494f
82914 BUSD — https://evmexplorer.velas.com/address/0xc111c29A988AE0C0087D97b33C6E6766808A3BD3
0.436739577823117734 ETH — https://evmexplorer.velas.com/address/0x85219708c49aa701871Ad330A94EA0f41dFf24Ca
Link for our oracle — https://evmexplorer.velas.com/address/0x80161e2E680a269C87BA6b9f1c0821CDef224721/transactions#address-tabs
Adress which is suspected and marked : https://etherscan.io/address/0xa10b21afc713b600c52e75723ddd53de26900da1
Current address that holds part of the stolen money: https://etherscan.io/address/0xa6c13aa576f6f2eb05303de9ffe30a6cb67c160a#tokentxns
