Beosin: Analysis of the Attack on Gymdefi

On April 10, 2022, according to the Beosin-Alert, Gymdefi’s LiquidityMigrationV2 contract was exploited for about 1,327 WBNB. Beosin security team analyzed the incident and the findings are shown below.

● Transaction hash: 0xa5b0246f2f8d238bb56c0ddb500b04bbe0c30db650e06a41e00b6a0fff11a7e5

● Exploiter’s address: 0x74298086c94dab3252c5dac979c9755c2eb08e49

● Contract that launched the attack: 0x4e284686fbcc0f2900f638b04c4d4b433c40a345

● Attacked contract: 0x1befe6f3f0e8edd2d4d15cae97baee01e51ea4a4

Attack Process

1. The attacker first withdraws 0.99655 BNB from Tornado.cash.

2. After deploying the attack contract, the attacker flash-borrows 2,400 WBNB from the WBNB-BUSD (0x58f8…dc16) pool into the attack contract in preparation for the subsequent steps.

3. Next, the attacker swaps 600 WBNB for 5,942,069.12 GYM in the GYM-WBNB (0x8dc0…91db) pool, then adds 1,730 WBNB and 1,400,000 GYM to the GYM-WBNB pool, receiving 46,106.30 LP tokens.

4. Once the liquidity is added, the attacker calls the migrate function of the LiquidityMigrationV2 contract through the attack contract. Because LiquidityMigrationV2 does not query the actual prices of GYM and GYMNET during migration, the amount of GYM returned by the liquidity removal is passed directly as the amount of GYMNET to add to the new pool. As a result, the attacker swaps 46,106.30 GYM-WBNB LP tokens for 44,760.25 GYMNET-WBNB LP tokens.

5. The attacker then removes the liquidity and swaps the obtained 1,166,737.57 GYMNET for WBNB, and finally returns the flashloan and sends 1,327 WBNB to the exploiter’s own address.

Vulnerability Analysis

The attack exploits a design flaw in the token conversion logic of the LiquidityMigrationV2 contract. During migration, the migrate function takes the amounts returned when removing liquidity from the GYM-WBNB pool and passes them unchanged as the parameters for adding liquidity to the GYMNET-WBNB pool, treating GYM and GYMNET as if they were worth the same.

After borrowing a large amount of funds via the flashloan, the attacker manipulates the ratio of GYM to WBNB in the GYM-WBNB pool, then calls migrate to convert 1,400,000 GYM into 1,166,737.57 GYMNET. Based on the GYM and GYMNET prices at the time of the attack, the fair ratio of GYM to GYMNET was approximately 130:1.
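The following is an added model of the flaw, not code from Gymdefi or Beosin. It uses a simplified constant-product pool, the attacker's 1,400,000 GYM / 1,730 WBNB figures from the write-up, an assumed migration rate of 130 GYM per GYMNET (the approximate ratio quoted above), and constructed GYMNET-WBNB reserves; the "fixed" variant converts at that rate and checks the contract's GYMNET balance instead of passing the GYM amount through 1:1.

```python
from dataclasses import dataclass

GYM_PER_GYMNET = 130.0  # approximate ratio from the analysis; assumed migration rate here


@dataclass
class Pool:
    """Minimal Uniswap-V2-style constant-product pool, constructed for this example."""
    token: float  # reserve of GYM or GYMNET
    wbnb: float   # reserve of WBNB
    lp: float     # total LP supply

    def remove_liquidity(self, lp_in):
        share = lp_in / self.lp
        token_out, wbnb_out = self.token * share, self.wbnb * share
        self.token, self.wbnb, self.lp = self.token - token_out, self.wbnb - wbnb_out, self.lp - lp_in
        return token_out, wbnb_out

    def add_liquidity(self, token_desired, wbnb_desired):
        # Router-style: take the smaller side at the current pool ratio, refund the rest
        wbnb_opt = token_desired * self.wbnb / self.token
        if wbnb_opt <= wbnb_desired:
            token_in, wbnb_in = token_desired, wbnb_opt
        else:
            token_in, wbnb_in = wbnb_desired * self.token / self.wbnb, wbnb_desired
        minted = min(token_in / self.token, wbnb_in / self.wbnb) * self.lp
        self.token, self.wbnb, self.lp = self.token + token_in, self.wbnb + wbnb_in, self.lp + minted
        return minted, token_in, wbnb_in


def migrate_vulnerable(gym_pool, gymnet_pool, lp_in):
    gym_out, wbnb_out = gym_pool.remove_liquidity(lp_in)
    # Flaw: the GYM amount is passed straight through as the GYMNET amount
    return gymnet_pool.add_liquidity(gym_out, wbnb_out)


def migrate_fixed(gym_pool, gymnet_pool, lp_in, gymnet_balance):
    gym_out, wbnb_out = gym_pool.remove_liquidity(lp_in)
    gymnet_amt = gym_out / GYM_PER_GYMNET  # convert at the migration rate, not 1:1
    if gymnet_amt > gymnet_balance:
        raise ValueError("contract does not hold enough GYMNET for this migration")
    return gymnet_pool.add_liquidity(gymnet_amt, wbnb_out)


def run_scenario():
    """Returns GYMNET handed out by each variant for an LP position worth 1,400,000 GYM + 1,730 WBNB."""
    cases = {"vulnerable": lambda a, b, lp: migrate_vulnerable(a, b, lp),
             "fixed": lambda a, b, lp: migrate_fixed(a, b, lp, gymnet_balance=2_000_000.0)}
    results = {}
    for name, migrate in cases.items():
        gym_pool = Pool(token=1_400_000.0, wbnb=1_730.0, lp=46_106.30)   # attacker holds all LP
        gymnet_pool = Pool(token=1_000_000.0, wbnb=1_000.0, lp=1_000.0)  # constructed reserves
        _, gymnet_used, _ = migrate(gym_pool, gymnet_pool, 46_106.30)
        results[name] = gymnet_used
    return results
```

`run_scenario()` shows the vulnerable path paying out 1,400,000 GYMNET for the same position that the rate-converting path values at roughly 10,769 GYMNET, a factor of 130.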

The contract's transaction history shows that it had been suspended 9 days before the attack. However, a large number of GYMNET tokens still remained in the contract, which is what gave the attacker the opportunity to drain it.

Fund Tracing

As of now, the stolen funds have not been transferred out and 1,327 WBNB remain in the exploiter’s address.

Summary

In response to this incident, the Beosin security team recommends:

  1. Contracts that rely on data from external contracts must validate that data thoroughly during development.

  2. Before a project goes live, engage a professional security audit firm to conduct a comprehensive security audit.

  3. Project owners must actively monitor the status of their contracts, and promptly move funds to a secure address when a contract is abandoned or behaves anomalously.
