ChainSwap Hack Transparency Update

Nord Finance
2 min readJul 11, 2021

--

Dear NORD Vikings and holders of $NORD, we have completed our preliminary analysis of the @chain_swap hack. We have contacted the @chain_swap team and are in active discussions to determine the best path forward.

Preliminary Analysis of the Hack:

At block 9042300 to 9042306 on @BinanceChain, an attacker took control of the $NORD BSC contract due to a critical vulnerability in the @chain_swap Protocol. Based on our initial analysis, the @chain_swap vulnerability enabled 500,000 $NORD to be minted directly to the attacker’s address from a factory root address (‘0x0000…’).

For context, the BSC version of the $NORD token contract was deployed to the @BinanceChain via @chain_swap to enable trading on @PancakeSwap (mainly due to high gas fees on Ethereum).

This first minting transaction of 10,000 $NORD was confirmed on Jul-10–2021 at 07:18:45 PM and 50 subsequent minting transactions totaling 500,000 $NORD.

See tx :

https://bscscan.com/tx/0xaa32ff370ea19a0addb53c0b41fad7d465615b148ca93610e49a3fcff763443e

Following the minting process, the attacker proceeded to the market and sold 500,000 $NORD on PCS in exchange for $101,922 BUSD. This resulted in removing nearly all BNB liquidity from the $NORD/BUSD liquidity pool and causing the price to reach $0.04.

Approximately two hours before the @chain_swap hack, the attacker took control of nearly 330,000 $NORD on the Ethereum mainnet, via the @chain_swap Bridge Contract. This attack was isolated to the $NORD token contract on BSC and @chain_swap bridge token on Ethereum only.

The attacker was able to empty the @chain_swap Bridge Contract on the Ethereum main net, withdrawing nearly 330,000 $NORD. Token acquisition started at this transaction and continued for three more transactions.

In a series of nine transactions starting at block 12801662 on Ethereum, the attacker sold a total of 334,894.720 $NORD.

https://etherscan.io/token/0x6e9730ecffbed43fd876a264c982e254ef05a0de?a=0xEda5066780dE29D00dfb54581A707ef6F52D8113

Although @chain_swap has not yet resolved the specific vulnerability within their systems, we can confirm that $NORD trading is safe to resume on Uniswap, Kucion, Ascendex, Dfyn, and gate_io.

Please refrain from trading on @BinanceChain and @PancakeSwap until further notice.

Most importantly, we will do what is right to ensure that BSC holders can get access to their $NORD, either by creating a new liquidity pool to trade on BSC with or by transferring your $NORD tokens to Ethereum main net.

Attacker address is:

https://etherscan.io/address/0xEda5066780dE29D00dfb54581A707ef6F52D8113

https://bscscan.com/address/0xeda5066780de29d00dfb54581a707ef6f52d8113

NORD Finance systems, Smart Contracts, and savings protocol remain unaffected, each of which has been audited by Zokyo and Quillhash.

Our team is working on this around the clock to ensure a resolution in full. We will be posting updates on our handles and Medium. Please follow our socials for more updates or to contact us for further details:

Telegram | Telegram Announcement | Twitter

(PS: Thank you @WilderWorld team for their initial analysis which is base of this article.)

--

--

Nord Finance
Nord Finance

Written by Nord Finance

An Advanced Decentralized Finance Ecosystem

No responses yet