CertiK dissects the Axion Network incident and subsequent price crash

Published on by Cointele | Published on

The price collapsed in excess of 99%, netting the attackers a cool 1300 ETH - worth an estimated $500K at time of publication.

Despite these reassurances, CertiK is stepping forward to offer the community a clearer explanation of what they perceive to have gone wrong, and insights into how similar attacks could be prevented in future.

Cointelegraph has not audited the code and the views stated hereafter are therefore exclusively those of CertiK.CertiK staff report on the Axion price crash.

We were informed of the incident within a few minutes of the attack occuring and our security analysts began assessing the situation immediately.

We have concluded that the attack was likely planned from the inside, involving an injection of malicious code at the time the code was deployed by altering code from OpenZeppelin dependencies.

These funds were ultimately not part of the attack and served as a smokescreen with regards to how the attack unfolded.

The hacker began their way towards actuating their attack by creating an "Empty" stake on the Staking contract of the Axion Network by invoking the stake function with a 0 amount and 1 day stake duration at approximately 09:00 AM +UTC. This created a Session entry for the attacker with a 0 amount and 0 shares value at session ID 6.

The attacker pre-approved an unlimited amount of AXN to the Uniswap exchange in anticipation of their attack succeeding.

As the transactions that the attacker conducted resulted in no change to the sessionDataOf mapping, we concluded that this was a multi-address attack.

This incident bears no relation to the audits conducted by CertiK and the party responsible for the attack was a person that seemed to be involved with the deployment of the Axion Network contracts.

x