Hacker Compromises DAI Deployment Address Across Most L2 Networks

The wallet responsible for deploying the DAI smart contract has been compromised in all L2 networks except Arbitrum and Optimism. This was highlighted by cybersecurity researcher Christopher Mooney.

? DAI Security PSA for wallet providers, block explorers, and users. The L2 DAI deployer (0x075da589886BA445d7c7e81c472059dE7AE65250) for the DAI vanity address (0xDA10009cBd5D07dd0CeCc66161FC93D7c9000da1) has been compromised. (1/7)

— Christopher Mooney (@godsflaw) September 3, 2024

According to the expert, the DAI address was initially generated using the Profanity Vanity Address tool, which later proved to be vulnerable.

“The original address was created using a large GPU cluster, so we knew it would take some time for an attacker to find the private key. We left a bait of 1 ETH at the address and confirmed the exploit in July,” wrote Mooney.

He emphasized that DAI holders’ funds on Optimism and Arbitrum are safe, but this is not the case for other networks. The expert has already identified malicious contracts deployed by the attacker on the Base and Polygon blockchains.

He urged marking all instances of the compromised smart contract after 2023 as phishing.

In late August, DeFi platform MakerDAO, as part of its transformation according to the Endgame roadmap, introduced updated versions of the DAI stablecoin and MKR governance token.