All Articles

Understanding Defensive Measures and Exploits in Contract Security By Gregory Pickett

Posted by Gaya M on May 23, 2024 at 7:18pm in Blog

Understanding%20Defensive%20Measures%20and%20Exploits%20in%20Contract%20Security.png?profile=RESIZE_710x

 

 

This blog offers insights into a hacker's perspective on defensive measures and concerns regarding detection and response capabilities. The speaker emphasizes the importance of monitoring for suspicious activities and implementing effective countermeasures to thwart potential attacks. Additionally, the blog delves into a specific exploit known as the Tendery hack, which involved a variation of price oracle misconfiguration in a DeFi platform. Through a hacker's lens, we will explore the vulnerabilities exploited and the implications for contract security.

 

 

Here is the verbatim discussion:

Successful but I'm also concerned on whether or not someone is going to see anything and if they see anything can they do something about it so that's my view constantly when I'm hacking and so I look at this the exact same way what could they have seen what could they have done to stop me if this was me so the first thing as a defender in that side I I would um you know be wondering if they are admitting events right so the thing they could have been doing then is admitting events admitting this case exchange rates also they could have been monitoring for large changes in that exchange rate that's what I'd be worried about as a hacker right and of course they also threat another hack the tendery hack in earlier in March a def5 platform now this is actually a variation a price Oracle misconfiguration another publicly known event now in solidity the decimal point is not explicit or strictly defined it is implicit or understood essentially the owner decides where the decimal place will be and they handle it accordingly if you have let's say this is very simplified again a number with 10 places and the number is one eight and then eight zeros right with the decimal point at the second place that's quite a different number than 1 eight and eight zeros it's much larger now throughout this contract the numbers were being handled correctly right handled with desm plat where the owner wanted it to be all except for the GMX token it was not so one GMX token because of the Des point was not being handled properly being handled at the second place or wherever supposed to be it's it one token was worth uh because that's the variable it was uh that without the decimal point it was the value of the GMX token was worth as an example eight 1 eight and eight zeros that's a large number now the actual number was much bigger and in fact this contract saw the value of one GMX token being worth more than all the Bitcoin currently in circulation yes GMX token was very much overvalued according to the contract now the GMX token uh was being used for collateral for a loan so obviously it being very valuable you could borrow a lot there you go I like my diagrams so one GMX token essentially they were able to borrow all of the either in the contract I don't think it was all of it uh but for all intens purposes why not yes all of threat another hack the tendery hack in earlier in March a def5 platform now this is actually a variation a price Oracle misconfiguration another publicly known event now in solidity the decimal point is not explicit or strictly defined it is implicit or understood essentially the owner decides where the decimal place will be and they handle it accordingly if you have let's say this is very simplified again a number with 10 places and the number is one eight and then eight zeros right with the decimal point at the second place that's quite a different number than 1 eight and eight zeros it's much larger now throughout this contract the numbers were being handled correctly right handled with desm plat where the owner wanted it to be all except for the GMX token it was not so one GMX token because of the Des point was not being handled properly being handled at the second place or wherever supposed to be it's it one token was worth uh because that's the variable it was uh that without the decimal point it was the value of the GMX token was worth as an example eight 1 eight and eight zeros that's a large number now the actual number was much bigger and in fact this contract saw the value of one GMX token being worth more than all the Bitcoin currently in circulation yes GMX token was very much overvalued according to the contract now the GMX token uh was being used for collateral for a loan so obviously it being very valuable you could borrow a lot there you go I like my diagrams so one GMX token essentially they were able to borrow all of the either in the contract I don't think it was all of it uh but for all intens purposes why not yes all of threat another hack the tendery hack in earlier in March a def5 platform now this is actually a variation a price Oracle misconfiguration another publicly known event now in solidity the decimal point is not explicit or strictly defined it is implicit or understood essentially the owner decides where the decimal place will be and they handle it accordingly if you have let's say this is very simplified again a number with 10 places and the number is one eight and then eight zeros right with the decimal point at the second place that's quite a different number than 1 eight and eight zeros it's much larger now throughout this contract the numbers were being handled correctly right handled with desm plat where the owner wanted it to be all except for the GMX token it was not so one GMX token because of the Des point was not being handled properly being handled at the second place or wherever supposed to be it's it one token was worth uh because that's the variable it was uh that without the decimal point it was the value of the GMX token was worth as an example eight 1 eight and eight zeros that's a large number now the actual number was much bigger and in fact this contract saw the value of one GMX token being worth more than all the Bitcoin currently in circulation yes GMX token was very much overvalued according to the contract now the GMX token uh was being used for collateral for a loan so obviously it being very valuable you could borrow a lot there you go I like my diagrams so one GMX token essentially they were able to borrow all of the either in the contract I don't think it was all of it uh but for all intens purposes why not yes all.

 

 

Highlights:

Hacker's Perspective on Defensive Measures

  • Monitoring and Detection: The speaker views defensive measures from a hacker's standpoint, focusing on the importance of detecting and responding to suspicious activities promptly.
  • Concerns and Considerations: There is a constant concern about whether defenders are effectively monitoring events and capable of taking action to prevent attacks.

Tendery Hack: Price Oracle Misconfiguration

  • Event Overview: The Tendery hack, occurring in March, highlighted a variation of price oracle misconfiguration in a DeFi platform, exploiting a decimal place error in a contract.
  • Solidity Decimal Handling: In Solidity, decimal point handling is not strictly defined, leading to vulnerabilities if not handled properly. The hack involved the overvaluation of a token, enabling the hacker to borrow a substantial amount of Ether.

 

The insights shared in this blog shed light on the ongoing battle between hackers and defenders in the digital realm. By understanding defensive measures from a hacker's perspective and examining real-world exploits like the Tendery hack, we gain valuable insights into the vulnerabilities inherent in contract security. It is imperative for defenders to enhance their monitoring and response capabilities to detect and mitigate such threats effectively. Through proactive measures and continuous improvement in security practices, the crypto ecosystem can strive towards greater resilience and trustworthiness.

 

Speaker:

Gregory Pickett is a renowned expert in the field of cybersecurity, currently serving as the Head of Cybersecurity. With extensive experience in identifying and mitigating security threats, Pickett is recognized for his deep understanding of both offensive and defensive cybersecurity strategies.

His leadership and insights have been instrumental in safeguarding digital assets and ensuring robust security protocols across various organizations.

 

https://www.linkedin.com/in/gregpickettcisspgciagpen/

 
Views: 11
Tags: battlefield, hacking point of view, gregory pickett
E-mail me when people leave their comments –
Follow

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)