NimbusPlatform

SlowMist: NimbusPlatform was attacked, and the attackers profited approximately 278 BNB

ChainCatcher news: according to intelligence from the SlowMist security team, the NimbusPlatform project on BNB Chain was attacked, with the attacker profiting approximately 278 BNB.

The attack process is as follows:

The attacker first executed a transaction 8 days earlier (0x7d2d8d), exchanging 20 BNB for NBU_WBNB and then for GNIMB tokens, and subsequently transferred the GNIMB tokens into the Staking contract as collateral in preparation for the attack.

After 8 days, the attacker initiated the attack transaction (0x42f56d3), first borrowing 75,477 BNB through a flash loan and exchanging it for NBU_WBNB, then using these NBU_WBNB tokens to swap out the vast majority of the NIMB tokens in the pool.

Next, the attacker called the getReward function of the Staking contract to extract rewards. The reward calculation is positively correlated with the value of the rate, which depends on the prices of the NIMB and GNIMB tokens in the pool. Because the NIMB price is calculated from the quantity of tokens in the pool, and the flash-loan swap had just exchanged a large amount of them, the calculated price was higher, which led to a larger calculated reward.

Finally, the attacker exchanged the GNIMB tokens obtained and the NIMB tokens held for NBU_WBNB tokens, converted them back to BNB, and repaid the flash loan at a profit.

The main cause of this attack is that the reward calculation depends solely on the quantity of tokens in the pool, which the flash loan manipulated, resulting in rewards exceeding expectations. The SlowMist security team suggests ensuring the security of price sources when calculating token rewards.
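The root cause and the recommendation above can be seen in a small model. This is an added example, not NimbusPlatform's contract code: the fee-less constant-product pool, the linear reward formula, the reserve figures and the names `Pool`, `reward` and `guarded_price` are all assumptions made for illustration.

```python
from fractions import Fraction

class Pool:
    """Fee-less constant-product pool (x * y = k); all reserves are constructed."""
    def __init__(self, nimb, wbnb):
        self.nimb, self.wbnb = Fraction(nimb), Fraction(wbnb)
        self.cum_price, self.elapsed = Fraction(0), 0  # TWAP accumulator

    def spot_price(self):
        # WBNB per NIMB from the current reserves: movable within one transaction
        return self.wbnb / self.nimb

    def tick(self, seconds):
        # Record the price that held for `seconds` before any new trade
        self.cum_price += self.spot_price() * seconds
        self.elapsed += seconds

    def twap(self):
        return self.cum_price / self.elapsed

    def buy_nimb(self, wbnb_in):
        k = self.nimb * self.wbnb
        self.wbnb += wbnb_in
        self.nimb = k / self.wbnb

def reward(base_units, price):
    # Assumption: reward scales linearly with the NIMB price used as the rate
    return base_units * price

def guarded_price(pool, max_dev=Fraction(1, 10)):
    # Use the time-weighted price and refuse to pay while spot has diverged from it
    twap = pool.twap()
    if abs(pool.spot_price() - twap) > max_dev * twap:
        raise ValueError("spot price deviates from TWAP; reward payout refused")
    return twap

def scenario():
    pool = Pool(nimb=1_000_000, wbnb=1_000)
    pool.tick(8 * 24 * 3600)                   # 8 days at the normal price
    normal = reward(100, pool.spot_price())
    pool.buy_nimb(9_000)                       # one large swap, same transaction
    inflated = reward(100, pool.spot_price())  # spot-based reward after the swap
    twap_based = reward(100, pool.twap())      # TWAP-based reward is unchanged
    try:
        guarded_price(pool)
        refused = False
    except ValueError:
        refused = True
    return normal, inflated, twap_based, refused
```

In this model a single swap multiplies the spot-based reward by 100, while the time-weighted price does not move and the deviation check refuses the payout.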