Hackers made off with 183 Ethereum (ETH), worth roughly $386,000 at the time of writing, following a coordinated attack on DeFi platform ForceDAO Sunday. Following an initial selloff, ForceDAO’s native FORCE token was in recovery mode on Monday, capping off a highly volatile 24 hours for the newly launched project.
ForceDAO detailed the Sunday exploit in a series of tweets, taking ownership of the “engineering oversight” that resulted in the attack, which centered around the platform’s xFORCE contract.
POST-MORTEM
To the Force and DeFi community, we’d like to share a post-mortem on the recent xFORCE exploit.
Trending: Terrifying video shows child being dragged under Peloton treadmill
Thanks to everyone technical and non-technical who helped along the way.
Especially to the White Hat who helped deter FORCE getting drained.https://t.co/MK2GH69yLd
— Force (@force_dao) April 4, 2021
In a follow-up blog post, Alberto Cevallos explained:
“The exploiters were able to deposit FORCE tokens that would fail the transfer [f]rom call and receive xFORCE tokens, as the xFORCE contract expects a revert from the token but instead receives false.”
He continued:
“A user
