{"id":16668,"date":"2024-09-04T12:40:42","date_gmt":"2024-09-04T09:40:42","guid":{"rendered":"https:\/\/forklog.com\/en\/hacker-compromises-dai-deployment-address-across-most-l2-networks\/"},"modified":"2024-09-04T12:40:42","modified_gmt":"2024-09-04T09:40:42","slug":"hacker-compromises-dai-deployment-address-across-most-l2-networks","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/hacker-compromises-dai-deployment-address-across-most-l2-networks\/","title":{"rendered":"Hacker Compromises DAI Deployment Address Across Most L2 Networks"},"content":{"rendered":"<p><a href=\"https:\/\/arbiscan.io\/address\/0x075da589886BA445d7c7e81c472059dE7AE65250\">The wallet<\/a> responsible for deploying the DAI smart contract has been compromised in all L2 networks except Arbitrum and Optimism. This was highlighted by cybersecurity researcher Christopher Mooney.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">DAI Security PSA for wallet providers, block explorers, and users. The L2 DAI deployer (0x075da589886BA445d7c7e81c472059dE7AE65250) for the DAI vanity address (0xDA10009cBd5D07dd0CeCc66161FC93D7c9000da1) has been compromised. (1\/7)<\/p>\n<p>\u2014 Christopher Mooney (@godsflaw) <a href=\"https:\/\/twitter.com\/godsflaw\/status\/1830986263098466561?ref_src=twsrc%5Etfw\">September 3, 2024<\/a><\/p><\/blockquote>\n<p>According to the expert, the DAI address was initially generated using the Profanity Vanity Address tool, which later proved to be vulnerable.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThe original address was created using a large GPU cluster, so we knew it would take some time for an attacker to find the private key. 
We left a bait of 1 ETH at the address and <a href=\"https:\/\/etherscan.io\/tx\/0x2486163785be8b518596ddd2a6c0106cacc3a352401402c90ce26b92d5858374\">confirmed the exploit in July<\/a>,\u201d wrote Mooney.<\/p>\n<\/blockquote>\n<p>He emphasized that DAI holders&#8217; funds on Optimism and Arbitrum are safe, but this is not the case for other networks. The expert has already identified malicious contracts deployed by the attacker on the <a href=\"https:\/\/basescan.org\/address\/0xda10009cbd5d07dd0cecc66161fc93d7c9000da1\">Base<\/a> and <a href=\"https:\/\/polygonscan.com\/address\/0xDA10009cBd5D07dd0CeCc66161FC93D7c9000da1\">Polygon<\/a> blockchains.<\/p>\n<p>He urged marking all instances of the <a href=\"https:\/\/arbiscan.io\/address\/0xda10009cbd5d07dd0cecc66161fc93d7c9000da1\">compromised smart contract<\/a> after 2023 as phishing.<\/p>\n<p>In late August, DeFi platform MakerDAO, as part of its transformation according to the Endgame roadmap, <a href=\"https:\/\/forklog.com\/en\/news\/makerdao-unveils-updated-versions-of-dai-and-mkr-tokens\">introduced<\/a> updated versions of the DAI stablecoin and MKR governance token.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The wallet responsible for deploying the DAI smart contract has been compromised in all L2 networks except Arbitrum and Optimism. This was highlighted by cybersecurity researcher Christopher Mooney. DAI Security PSA for wallet providers, block explorers, and users. The L2 DAI deployer (0x075da589886BA445d7c7e81c472059dE7AE65250) for the DAI vanity address (0xDA10009cBd5D07dd0CeCc66161FC93D7c9000da1) has been compromised. 
(1\/7) \u2014 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":16667,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1301,1099,54],"class_list":["post-16668","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-vulnerabilities","tag-dai","tag-smart-contracts"],"aioseo_notices":[],"amp_enabled":true,"views":"37","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/16668","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=16668"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/16668\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/16667"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=16668"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=16668"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=16668"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}