Full Report
New Free DAO is a DeFi project hosted by the Binance Smart Chain (BSC). The New Free DAO contracts are not open source, making them hard to audit but a determined attacker could hit it still. The New Free DAO contract reward calculation is based solely on the balance of the user in the contract.A user earns rewards based on the amount of time that value has been deposited and based on the size of the deposit. In both cases, the deposited amount is multiplied by a set value to determine the reward amount. An attacker can make a massive deposit using a flash loan. From there, they can extract the rewards from the balance and withdraw the deposit. Doing this process over and over again leads to a ton of money being taken out. To remediate flash loan attacks, mechanisms need to be timed out. You shouldn't be able to quickly put in and take out money. Standard flash loan attack!
Analysis Summary
# Incident Report: New Free DAO Flash Loan Drain
## Executive Summary
In September 2022, the DeFi project New Free DAO, hosted on the Binance Smart Chain (BSC), suffered a significant financial loss due to a classic flash loan exploit targeting its reward calculation mechanism. An attacker utilized a flash loan to momentarily inflate their deposited balance, rapidly accrue and withdraw excessive rewards, draining 4,481 WBNB, equivalent to approximately $1.25 million, from the contract.
## Incident Details
- **Discovery Date:** September 2022 (Implied, as the attack occurred in this month)
- **Incident Date:** September 2022
- **Affected Organization:** New Free DAO
- **Sector:** Decentralized Finance (DeFi)
- **Geography:** Binance Smart Chain (BSC)
## Timeline of Events
### Initial Access
- **Date/Time:** September 2022
- **Vector:** Smart Contract Vulnerability Exploitation (Flash Loan)
- **Details:** The attacker initiated a sequence of contract calls, starting with securing a massive liquidity injection via a flash loan.
### Lateral Movement
- **N/A** - This incident was a direct contract exploit rather than a traditional network breach requiring lateral movement.
### Data Exfiltration/Impact
- **Date/Time:** During the attack execution sequence.
- **Vector:** Manipulated Reward Calculation
- **Details:** The attacker exploited the contract logic where rewards were calculated solely based on the current deposit balance multiplied by a set value over time. By rapidly depositing and withdrawing the large, borrowed capital, the attacker generated and drained massive, unearned rewards before repaying the principal of the flash loan.
### Detection & Response
- **Detection:** Not explicitly detailed, but implied following the draining of funds.
- **Response Actions:** The article suggests remediation requires implementing time-out mechanisms to prevent rapid deposit/withdrawal cycles typical of flash loan attacks, indicating potential contract updates or pausing operations were necessary steps.
## Attack Methodology
- **Initial Access:** Leveraging a flash loan service to secure vast, temporary capital.
- **Persistence:** N/A
- **Privilege Escalation:** N/A (The attack relied on the intrinsic logic flaw rather than privilege escalation).
- **Defense Evasion:** N/A
- **Credential Access:** N/A
- **Discovery:** The attacker likely reverse-engineered the non-open-source contract bytecode to identify the reward calculation flaw.
- **Lateral Movement:** N/A
- **Collection:** Accumulating excessive contract rewards.
- **Exfiltration:** Withdrawing the calculated (and invalid) rewards from the contract.
- **Impact:** Financial drain via contract manipulation.
## Impact Assessment
- **Financial:** Loss of 4,481 WBNB (Approx. $1.25 million USD at the time).
- **Data Breach:** None reported; this was a direct asset drain.
- **Operational:** Loss of user funds and severe impairment of the New Free DAO functionality.
- **Reputational:** Significant damage due to the high-profile failure of the protocol's core logic.
## Indicators of Compromise
- **Network Indicators:** Transactions exhibiting excessively high volume/speed of deposits followed immediately by withdrawals or reward claims against the New Free DAO contract address ([Defanged Example: Txs on BSC network interacting rapidly with contract address]).
- **File Indicators:** N/A
- **Behavioral Indicators:** Repeated execution of contract functions leading to exponential reward accrual in a single transaction or short interval, unsupported by typical user activity patterns.
## Response Actions
- **Containment measures:** Likely necessitated freezing the affected contract, potentially isolating the remaining pool or implementing circuit breakers if available.
- **Eradication steps:** Not explicitly listed, but would involve patching the reward calculation logic.
- **Recovery actions:** Rebuilding trust and implementing robust security audits prior to redeployment.
## Lessons Learned
- Unverified smart contract code (not being open source) provides minimal security against determined attackers and hinders necessary security audits.
- Reward calculation mechanisms dependent solely on high-frequency balance changes without time-gating are highly vulnerable to flash loan manipulation.
- Flash loan attacks exploiting reward/oracle mechanics are a recurring pattern in DeFi that must be actively defended against.
## Recommendations
- **Prevention Measures:** All smart contracts, especially those handling financial logic like reward calculations, must undergo rigorous, independent security audits before deployment.
- **Mitigation:** Implement time-based constraints (timeouts) on deposit/withdrawal cycles used in reward calculations to prevent the instantaneous use of borrowed capital for profit extraction.
- **Transparency:** Always publish and verify smart contract source code to allow for public scrutiny and preemptive identification of vulnerabilities.