Ongoing attack on TheDAO - ETH draining from the pot

in thedao •  last year

Someone is attacking DAO

There is an attack going on against "theDAO". A recently discovered recursive-split attack can be used to initiate ether sends before the contract burns the corresponding tokens. By this, the contract hands over ETH that the caller should not have control over.

Technically, this attack can be continued until all ETH are drained from "the DAO".
It seems Daniel Larimer was right in his post "Is The DAO going to be DOA?".
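To make the mechanism concrete, here is an added example in Python; it is not the DAO's contract code, but a minimal model of the ordering bug the post describes: a pot that pays out before clearing the recipient's credit, next to a hardened version that clears the credit first and refuses nested entry. The class names, the integer balances and the `Recipient` callback are all constructed for the illustration.

```python
# Added example (not the DAO's code): a minimal Python model of the
# recursive-call bug described above. Balances are plain integers, the
# contracts are classes, and "sending ether" is a method call that hands
# control to the recipient, which is what lets the recipient call back in.

class Recipient:
    """Stand-in for a contract that receives a payout and may call back."""

    def __init__(self, reenter_depth):
        self.reenter_depth = reenter_depth  # nested withdraws to attempt
        self.received = 0
        self.depth = 0

    def on_receive(self, pot):
        """Fallback run whenever the pot pays this recipient."""
        self.depth += 1
        # Bounded recursion: the callback stops re-entering after a fixed
        # depth, so the transaction finishes instead of running out of gas.
        if self.depth <= self.reenter_depth:
            pot.withdraw(self)
        self.depth -= 1


class VulnerablePot:
    """Pays out first and clears the recipient's credit afterwards."""

    def __init__(self, funds, credits):
        self.balance = funds
        self.credits = dict(credits)  # recipient -> withdrawable amount

    def withdraw(self, who):
        amount = self.credits.get(who, 0)
        if amount == 0 or amount > self.balance:
            return False
        self.balance -= amount
        who.received += amount
        who.on_receive(self)      # interaction: recipient code runs here...
        self.credits[who] = 0     # ...while the credit is still unspent
        return True


class HardenedPot(VulnerablePot):
    """Same interface, but effects before interactions plus a re-entry lock."""

    def __init__(self, funds, credits):
        super().__init__(funds, credits)
        self.entered = False

    def withdraw(self, who):
        if self.entered:
            return False          # nested call rejected (call returns failure)
        amount = self.credits.get(who, 0)
        if amount == 0 or amount > self.balance:
            return False
        self.credits[who] = 0     # effect first: credit is gone before any call
        self.balance -= amount
        self.entered = True
        try:
            who.received += amount
            who.on_receive(self)  # interaction last
        finally:
            self.entered = False
        return True


def run(pot_cls, funds, credit, reenter_depth):
    """Fund a pot, give one recipient `credit`, withdraw once.

    Returns (ether left in the pot, ether the recipient ended up with).
    """
    recipient = Recipient(reenter_depth)
    pot = pot_cls(funds, {recipient: credit})
    pot.withdraw(recipient)
    return pot.balance, recipient.received


if __name__ == "__main__":
    # Constructed numbers: pot holds 100, recipient is entitled to 10.
    print("vulnerable, 5 nested calls :", run(VulnerablePot, 100, 10, 5))
    print("vulnerable, unbounded      :", run(VulnerablePot, 100, 10, 50))
    print("hardened,   unbounded      :", run(HardenedPot, 100, 10, 50))
```

With the vulnerable ordering a recipient entitled to 10 takes 10 per nested call until the pot is empty; with the hardened ordering the nested call finds the credit already zeroed (and the lock set) and the recipient gets exactly 10. The bounded depth in `on_receive` also answers the natural question of why such a transaction does not simply run out of gas: the callback stops re-entering well before the gas limit is reached.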

Reddit-Quotes

The DAO ETH Balance was 11,599,353.25 Ether 24 hours ago with a total
Token Supply of 1,159,931,811.69 TheDAO, now there is currently only
8,914,536.17 Ether with a total Token Supply: 1,159,813,810.27 TheDAO.

So 118001.42 tokens have split with 2684817.08 Eth? 22.75 Eth per DAO
token? Can someone explain?

Someone is draining the DAO using recursive splitDAO calls

It is according to slack. Someone is stealing like $1.000.000 worth of
ether a minute

Update 1

On Slack, the DAO curator and community members encourage everyone to start spamming the Ethereum network to slow down the attacker. Not sure if this will work out as desired.

griff [10:05 AM] >@channel The DAO is being attacked. It has been going on for 3-4 hours, it is draining ETH at a rapid rate. This is not a drill.

You can help:

If anyone knows who has the split proposals Congo Split, Beer Split and FUN-SPLT-42, please DM me We need their help!

If you want to help, you can vote yes on those aforementioned split proposals, especially people whose tokens are blocked because they voted for Prop 43 (the music app one).

We need to spam the network so that we can mount a counter attack. All the brightest minds in the Ethereum world are in on this.

please use this:

for (var i = 0; i < 100; i++) { eth.sendTransaction({from: eth.accounts[4], gas: 2300000, gasPrice: web3.toWei(20, 'shannon'), data: '0x5b620186a05a131560135760016020526000565b600080601f600039601f565b6000f3'}) }

to spam the chain

Update 2

Massive DAO dumping

Massive ETH dumping

Update 3

Either poloniex is extremely unresponsive, or they have halted the DAO markets.

Update 4

Slock.it has started a blog post with live updates containing the content cited above. My hope that it was Slock.it itself attacking the DAO, to prevent others from profiting from it, just vanished :( too bad

It seems that the attack is still ongoing and draining ETH from theDAO.

Update 5

toast (famous member of the BitShares community and creator of MAKER)
has posted this on reddit:

thanks @tuck-fheman

Update 6

Apparently, the attacker has managed to gain 3.3M ETH (thanks @rainman)

Update 7

It seems Vitalik has started working on this. He asked for the person who has a split contract terminating in 2h. Maybe he is able to run a counter-draining attack.

Meanwhile,

  • etherscan.io became unresponsive.
  • attack still ongoing with another 10k ETH moving over to the attacker's wallet
  • ETH/BTC just touched 0.0172200 on poloniex (down 25%)
  • DAO/BTC just touched 0.00008520 on poloniex (down 65%)

Update 8

  • Still 8,118,797 ETH in DAO contract
  • Attacker now has 3,477,054 ETH
  • To clarify: the attack on the DAO is an exploit of the DAO's contract code; ETHEREUM is still working as it is supposed to. Hence, the DAO is broken, Ethereum is still fine. Whether this has any influence on the price of ETH is left to the reader to decide!
  • Interestingly, the price of DAO on poloniex rises again, even though the attacker seems to still be attacking the DAO and draining its funds, back at 0.00014499 BTC/DAO

Update 8 - Fri Jun 17 12:20:24 CEST 2016

  • DAO contract: 8,049,054.83 ETH
  • Attacker: 3,544,406.91 ETH

An edit on the Security Advisory (https://blog.slock.it/dao-security-advisory-live-updates-2a0a42a2d07b#.sior2rz5s) appeared:

We’re seeing a strong mobilization of the entire community: experts in the field, the Ethereum Foundation, exchanges and miners are coming together to assess the situation and mitigate the attack.
If you’d like to help, please continue to spam the Ethereum network as per the instructions below.

Update 9 - Fri Jun 17 12:23:00 CEST 2016

Thanks @pfunk:

griff 4:52 AM @channel Update: The person has their ETH locked in a Child DAO,
so they will not be able to get the ETH out for a long time, there will
be a fix. The entire Ethereum Ecosystem is collaborating on a solution.

Meanwhile, the prices of DAO and ETH seem to recover

  • ETH last price: 0.02352067
  • DAO last price: 0.00016699

Update 10 - Fri Jun 17 13:11:04 CEST 2016

Friday 17/6–12:01 UK time
The Ethereum Foundation has published its statement and a description of
the solution.
In summary, a hardfork will retrieve all stolen funds from the attacker.
If you have purchased DAO tokens, you will be transferred to a smart
contract where you can only retrieve funds. Since no money in the DAO
was ever spent, nothing was lost.

Blog
(currently down)

Update 11 - Fri Jun 17 13:13:21 CEST 2016

Blog Content on Pastebin

CRITICAL UPDATE Re: DAO Vulnerability
Posted by Vitalik Buterin on June 17th, 2016.

An attack has been found and exploited in the DAO, and the attacker is
currently in the process of draining the ether contained in the DAO into
a child DAO. The attack is a recursive calling vulnerability, where an
attacker called the “split” function, and then calls the split function
recursively inside of the split, thereby collecting ether many times
over in a single transaction.

The leaked ether is in a child DAO at
https://etherchain.org/account/0x304a554a310c7e546dfe434669c62820b7d83490;
even if no action is taken, the attacker will not be able to withdraw
any ether at least for another ~27 days (the creation window for the
child DAO). This is an issue that affects the DAO specifically; Ethereum
itself is perfectly safe.

The development community is proposing a soft fork, (with NO ROLLBACK;
no transactions or blocks will be “reversed”) which will make any
transactions that make any calls/callcodes/delegatecalls that execute
code with code hash
0x7278d050619a624f84f51987149ddb439cdaadfba5966f7cfaea7ad44340a4ba (ie.
the DAO and children) lead to the transaction (not just the call, the
transaction) being invalid, starting from block 1760000 (precise block
number subject to change up until the point the code is released),
preventing the ether from being withdrawn by the attacker past the
27-day window. This will later be followed up by a hard fork which will
give token holders the ability to recover their ether.

Miners and mining pools should resume allowing transactions as normal,
wait for the soft fork code and stand ready to download and run it if
they agree with this path forward for the Ethereum ecosystem. DAO token
holders and ethereum users should sit tight and remain calm. Exchanges
should feel safe in resuming trading ETH.

Contract authors should take care to (1) be very careful about recursive
call bugs, and listen to advice from the Ethereum contract programming
community that will likely be forthcoming in the next week on mitigating
such bugs, and (2) avoid creating contracts that contain more than ~$10m
worth of value, with the exception of sub-token contracts and other
systems whose value is itself defined by social consensus outside of the
Ethereum platform, and which can be easily “hard forked” via community
consensus if a bug emerges (eg. MKR), at least until the community gains
more experience with bug mitigation and/or better tools are developed.

Developers, cryptographers and computer scientists should note that any
high-level tools (including IDEs, formal verification, debuggers,
symbolic execution) that make it easy to write safe smart contracts on
Ethereum are prime candidates for DevGrants, Blockchain Labs grants and
String’s autonomous finance grants.

This post will continue to be updated.
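The soft fork quoted above works at the consensus layer rather than by changing any contract: a miner running it drops every transaction that, anywhere in its execution, runs the DAO's code. The following is an added example in Python, not the fork's real implementation, that models exactly that rule over a transaction's call trace to show the "the transaction, not just the call" point. The code hash and block number are the ones quoted in the post; the `Frame` class, the helper names and the sample traces are constructed for the illustration.

```python
# Added example, not the fork's real implementation: a small model of the
# soft-fork rule described in the post above. A transaction is a tree of
# call frames; each frame records the hash of the code it executed (for
# DELEGATECALL/CALLCODE that is still the callee's code, run in the caller's
# context). If any frame anywhere in the tree executes the DAO code hash at
# or after the fork block, the whole transaction is invalid, not just that
# call. The hash and block number are the ones quoted in the post; the
# call traces at the bottom are constructed sample data.

DAO_CODE_HASH = "0x7278d050619a624f84f51987149ddb439cdaadfba5966f7cfaea7ad44340a4ba"
SOFT_FORK_BLOCK = 1760000


class Frame:
    """One call in a transaction's execution trace."""

    def __init__(self, kind, code_hash, children=()):
        self.kind = kind            # "call", "callcode" or "delegatecall"
        self.code_hash = code_hash  # hash of the executed code, None for an EOA
        self.children = list(children)


def executes_code(frame, code_hash):
    """True if this frame, or any frame nested below it, runs `code_hash`."""
    if frame.code_hash == code_hash:
        return True
    return any(executes_code(child, code_hash) for child in frame.children)


def transaction_valid(block_number, top_frame):
    """Apply the soft-fork rule to one transaction."""
    if block_number < SOFT_FORK_BLOCK:
        return True                 # rule not active yet
    return not executes_code(top_frame, DAO_CODE_HASH)


def filter_transactions(block_number, transactions):
    """Return the transaction ids a soft-forked miner would include in a block.

    `transactions` maps a transaction id to its top-level frame.
    """
    return [tx_id for tx_id, frame in transactions.items()
            if transaction_valid(block_number, frame)]


# Constructed sample traces (placeholder hashes for the non-DAO contracts).
SAMPLE_TXS = {
    "plain-transfer": Frame("call", None),
    "unrelated-dapp": Frame("call", "0xaaaa-placeholder",
                            [Frame("call", "0xbbbb-placeholder")]),
    "direct-dao-call": Frame("call", DAO_CODE_HASH),
    "nested-via-proxy": Frame("call", "0xcccc-placeholder",
                              [Frame("delegatecall", DAO_CODE_HASH)]),
}

if __name__ == "__main__":
    print("before fork:", filter_transactions(SOFT_FORK_BLOCK - 1, SAMPLE_TXS))
    print("after fork :", filter_transactions(SOFT_FORK_BLOCK, SAMPLE_TXS))
```

The "nested-via-proxy" trace is the case the rule's wording is careful about: the DAO code is reached only through a delegatecall from an unrelated contract, yet the whole transaction is dropped, so routing a withdrawal through an intermediary contract does not get around the filter.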

Update 12 - Fri Jun 17 14:23:34 CEST 2016

  • DAO: 7,930,715.34 ETH
  • Attacker: 3,641,694.24 ETH

Last Prices:

  • ETH recovering: 0.02392174 (-10% 24h)
  • DAO recovering: 0.00019941 (-18% 24h)

Update 13 - Fri Jun 17 16:18:13 CEST 2016

Either the Ethereum block explorer doesn't update anymore, or the attacker has stopped draining the DAO.
At least the amount stored in the attacker's address hasn't changed for 2 hours.

  • Attacker: 3,641,694.24 ETH

Resources


I fixed the DAO link in the OP!

·

Attacker's account is growing fast! TheDao might hit 0 marketcap in a few hours.

This is one reason why we at Compumatrix are using the decentralized exchange and the bitshares/openledger platform. The DAO is truly going DOA as Dan has penned.

Thanks! This proves Steem suffices as a news channel as long as someone else keeps an eye on the outside world.

Breaking news from the DAO slack:

griff
4:52 AM @channel Update: The person has their ETH locked in a Child DAO, so they will not be able to get the ETH out for a long time, there will be a fix. The entire Ethereum Ecosystem is collaborating on a solution.


Andreas Antonopoulos is in the slack now.

aantonop
5:28 AM I’m surprised at the number of people who think a “rollback” is even possible

aantonop
5:33 AM A rollback would affect too many accounts. Isolating a single transaction would be enormously damaging to the credibility of the system. It will also create enormous liability

aantonop
5:34 AM Both ETH and DAO are being traded. You can’t roll those back

aantonop
5:38 AM If I were a miner I would not accept a rollback version


Stephan Tual just chimed in:

stephan
6:07 AM @channel - ELI5 - In summary, a hardfork will retrieve all stolen funds from the attacker. If you have purchased DAO tokens, you will be transferred to a smart contract where you can only retrieve funds. Since no money in the DAO was ever spent, nothing was lost.

stephan
6:13 AM @channel - To clarify: once the DAO has been 'transformed' into the basic contract where you can only withdraw, you will be able to do as you wish with these funds. Retrieve the eth, put in cold storage, start a new DAO, invest in other projects, sell them for vericoins, whatever. As for Slock.it, we will issue a statement at some point today.


Vitalik Buterin's response:
https://blog.ethereum.org/2016/06/17/critical-update-re-dao-vulnerability/ (currently not loading, see mirror below)
Mirror: https://archive.is/YkANN

Ether's Holders right now...

Jesus that's one hell of a dump. Shame they didn't test the DAO code for much longer. Of course when there's $150M sitting in a contract, there's much more motivation to poke holes in it.

This article suddenly becomes relevant.
Will The DAO Become Ethereum's Mt Gox?

As stakeholders in the world's largest decentralized autonomous organization (DAO) descend into forums to debate its future, concerns are emerging about what the success or failure of The DAO could mean for Ethereum, the blockchain platform that enabled its creation.

·

Also, the TauChain project suddenly becomes relevant.

Update from Val: (to summarize no DAO tokens will be lost and since The DAO was only holding Ether, nothing is lost) The leaked ether is in a child DAO at https://etherchain.org/account/0x304a554a310c7e546dfe434669c62820b7d83490; even if no action is taken, the attacker will not be able to withdraw any ether at least for another ~27 days (the creation window for the child DAO). This is an issue that affects the DAO specifically; Ethereum itself is perfectly safe.

The development community is proposing a soft fork, (with NO ROLLBACK; no transactions or blocks will be “reversed”) which will make any transactions that make any calls/callcodes/delegatecalls that reduce the balance of an account with code hash 0x7278d050619a624f84f51987149ddb439cdaadfba5966f7cfaea7ad44340a4ba (ie. the DAO and children) lead to the transaction (not just the call, the transaction) being invalid, starting from block 1760000 (precise block number subject to change up until the point the code is released), preventing the ether from being withdrawn by the attacker past the 27-day window. This will later be followed up by a hard fork which will give token holders the ability to recover their ether.

·

... and what happens to the poor saps who panic sold on the exchanges? I don't think they will touch Ether or the DAO again, among other things.

I hope that this is an error that gets resolved soon and that everything is just in "shock", because this kind of news makes people who do not understand this world wary and think this has no future, that it is a scam, etc., which keeps cryptocurrencies from moving forward and gaining ground.
A single piece of bad news pulled down several pieces of good news.

·

Technically .. theDAO is insolvent already because it can't pay back the Ether to all original investors anymore

·

This is likely to have tsunamic ripple effects.

everyone is dumping dao and eth at the moment.

·

Red candles everywhere, this looks like it's going to be a bloodbath and Ether reputation harm may be lasting, definitely not as battle hardened as bitcoin.

·
·

lets see what happens with waves on 20th

@xeroc you never fail to impress me.

"daoxxed"

lulz

·

I loled :)

This is quite the horror show. I feel terrible for all those people who have lost so much. Obviously this is terminal for The DAO but I wonder if Ethereum is also going to go the same way? Such a shame.

toast ...

Thanks, I just wrote an article about this situation and I appreciate all the info. I linked back to Steemit....

Wow. Just wow.

Draining the funds to where?... Can this attacker even spend those split ETH? Doesn't he have to wait like 15 years before he can untangle those ETH from the DAOs convoluted web?

I'd wait to see how this plays out before declaring the DAO dead just yet. It looks to me like a ploy to panic the market and buy cheap DAO.

·

The funds are drained from the ETH that investors have sent into the DAO. Technically, the attacker could have sent them all to poloniex but for whatever reason, he decided to put them into a DAO itself, which made the obtained ETH illiquid.

·
·

so the whole dumping was just panic? the attacker didn't spend anything?

·
·
·

Yup

·
·

I bet he is buying cheap ETH's and DAO's from another account we will never find out!

·

yeah, it's up again at the moment, but it has been down for me as well today.

DAO and ETH folks now flocking to the Bitshares Dex for safe haven :)

·

Bitshares has a chance to gain huge amount of traction from this.

The Ethereum Foundation has published its statement and a description of the solution.
In summary, a hardfork will retrieve all stolen funds from the attacker. If you have purchased DAO tokens, you will be transferred to a smart contract where you can only retrieve funds. Since no money in the DAO was ever spent, nothing was lost.

https://blog.slock.it/dao-security-advisory-live-updates-2a0a42a2d07b#.hh53inemv

·

No money perhaps, but what about the reputation of Ethereum?

·

What does all this mean?? Could this ever happen to Steem?

Oops, I'm a poet and don't know it :-)

Most ETH / DAO investors in a few hours ...


·

eth_trading

poloniex has halted operations.

·

Polo volume isn't that high but the site has ground to a halt and no one can trade except bots it seems, perhaps someone is DDoSing it at the same time. Even the trollbox is lagging like crazy.

·

ShapeShift too it appears.

·
·

SS is back online. Update : Well not really, you can't even buy 1 ETH at the moment.

·

seriously?!?

the big sell, the big scam

I guess when it comes to crypto currency, we're living in the wild west. Hopefully a new sheriff will ride into town soon!

R.I.P - The Dao - 30 April 2016 // 17 June 2016

·

Here is a very interesting insight, I fully agree with:

What hypocrisy! The DAO hasn't been 'hacked'. Ethereum is working 100% as designed. You smart contract lovers soon turn over a new leaf when you lose your own cash. Here are the facts:

  1. Ethereum is working exactly as designed. 2+2 still equals 4.
  2. The DAO is working exactly as the code specifies. The EVM isn't mistreating the DAO code at all, it is running as per the specification.
  3. So there is a recursive payout 'problem'? No there isn't. It was all in the specification. When the DAO was fund raising, it was explicit that the only thing that mattered was the DAO's contract code. Nothing else should be taken as being reliable. Well, the contract code is still operating exactly as it was specified. A 'hacker' is merely using the code in ways that were there to see, should anyone have looked. How can they be stealing when they are just using the code?
  4. Do you see the problem with 'trustless' contracts now, suckers? Anyone who claims that the DAO has gone wrong is at odds with the original investment statements. Attempts to block eth transfers is such blatant two-faced hypocrisy.
·

Unbelievable, hoping the devs and team can resolve it asap

·

The DAO is too big to fail. The dev team will find a way to bail the investors out.

Possibly Naive Question: If the execution that is draining the DAO is a recursive call... why doesn't it (or why won't it ultimately) run out of gas, fail, and revert?

Update 8: the price rising? seems to me parties that have an interest in the DAO/Ether surviving are spending to keep it afloat

WTF...The ripple effects will be massive.