AzukiDAO Exploited for 35 ETH Due to Contract Vulnerability

An unchecked variable in the contract allowed replay attacks.
Source: AzukiDAO

Quick take:

  • Azuki’s governance token $BEAN has been exploited for over 35 ETH.
  • Attackers took advantage of a vulnerability in the contract.
  • Crypto fund visualiser MetaSleuth said on Twitter that an unchecked variable in the contract allowed replay attacks.

AzukiDAO has been exploited for over 35 ETH due to a contract vulnerability. According to crypto fund analyser MetaSleuth, two attackers took advantage of the contract's signatureClaimed variable, which was not properly checked. This opened the door to replay attacks. The contract has since been paused.

Source: MetaSleuth/Twitter
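To show the bug class MetaSleuth describes, here is an added sketch of a signature-gated claim with the replay guard missing and then present. It is a hypothetical contract written for this article, not AzukiDAO's code; only the signatureClaimed name comes from the report, while the token, signer, nonce and function names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration of the bug class; hypothetical contract, not AzukiDAO's code.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

contract SignedClaim {
    IERC20 public immutable token;   // assumed: token being distributed
    address public immutable signer; // assumed: key that approves claims off-chain
    mapping(bytes32 => bool) public signatureClaimed;

    constructor(IERC20 token_, address signer_) {
        token = token_;
        signer = signer_;
    }

    // Returns the id of a valid approval; reverts if the signer did not sign it.
    function _verify(uint256 amount, uint256 nonce, uint8 v, bytes32 r, bytes32 s)
        internal view returns (bytes32 claimId)
    {
        // Bind the approval to chain, contract, claimant, amount and nonce.
        claimId = keccak256(abi.encode(block.chainid, address(this), msg.sender, amount, nonce));
        bytes32 digest = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", claimId));
        address recovered = ecrecover(digest, v, r, s);
        require(recovered != address(0) && recovered == signer, "bad signature");
    }

    // WEAK (kept only for comparison): the flag is written but never read,
    // so a single approval can be submitted again and pays out every time.
    function claimUnchecked(uint256 amount, uint256 nonce, uint8 v, bytes32 r, bytes32 s) external {
        bytes32 claimId = _verify(amount, nonce, v, r, s);
        signatureClaimed[claimId] = true;
        require(token.transfer(msg.sender, amount), "transfer failed");
    }

    // FIXED: check the flag, set it, then transfer (checks-effects-interactions).
    function claim(uint256 amount, uint256 nonce, uint8 v, bytes32 r, bytes32 s) external {
        bytes32 claimId = _verify(amount, nonce, v, r, s);
        require(!signatureClaimed[claimId], "already claimed");
        signatureClaimed[claimId] = true;
        require(token.transfer(msg.sender, amount), "transfer failed");
    }
}
```

Keying the flag on the signed claim id rather than on the raw signature bytes means a re-encoded but equivalent signature maps to the same entry and is still rejected.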

In the latest setback for the organisation, the first attacker, 0x85d231c204b82915c909a05847cca8557164c75e, has made a profit of 34.47 ETH.

Source: MetaSleuth/Twitter

The second attacker, Chandog.ETH, made off with 0.614 ETH in profit before the contract was paused.

Source: MetaSleuth/Twitter

This event comes just days after the launch of Azuki’s Elementals NFT collection, which in some ways failed to meet its standards.

The auction was offered in a similar way to the first collection, with bidders unaware of what type of avatar they were going to get. However, after minting, collectors complained of the similarities with the first Azuki NFT collection, which the company was quick to admit was partly a communication failure on its side.

Chiru Labs, the LA-based web3 company behind the Azuki NFT collection and BEANZ, raised $37 million from the Elementals auction.

Collectors who participated in the auction have now banded together to try to recoup their investment because of the similarities with the first Azuki collection.

According to reports on Monday, they are using AzukiDAO, the organisation that governs the Azuki ecosystem, to express their grievances.

A lawsuit Snapshot proposal reads: “We have only been given a similar profile picture to that of the original Azuki holders and nothing more.” The proposal goes on to accuse the team of “blatantly scamming the buyers.”

