PECO & DFI Post-Mortem — December 26th, 2022

Amun, published in Amun Tokens, Dec 26, 2022

TL;DR

  • On December 26, 2022, the decentralized tokens PECO and DFI were compromised, resulting in a loss of underlying funds valued (at the time) at approximately $300k. We have identified the attacker’s wallet, which currently holds the funds: 0xf8b17Df4da32FAfDdA970aE1f76D2DbfF7091913. The attacker was able to take control of the tokens’ rebalance-manager address and hence rebalance the tokens into fake underlyings.
  • The attacker then minted 80 billion tokens and sold them on all available decentralized exchanges (DEXs), leading to the draining of all available liquidity pools.
  • As a fellow community member, 21.co, the parent company of Amun, is committed to providing relief to impacted token holders. We will share details on how impacted token holders can expect relief as soon as possible.

What Happened

At 12:55 AM UTC on December 26th, the attacker began creating fake tokens using the 0xd7948f06256831d1f0287d81bf1e6b19185aa69a address. Amun previously used this address to effectuate rebalances for the tokens, and it was the only address able to rebalance them. This address is now considered compromised. After creating multiple fake tokens as well as a fake exchange, the attacker set the PECO rebalance manager to target the fake DEX for rebalancing. The attacker then forced the PECO token to rebalance, swapping all the true underlying tokens for ones created by the attacker. The rebalancing process transferred all the true underlyings to the attacker’s wallet, where they were swapped for Matic. As of this writing, the funds remain in the attacker’s wallet address.

The same exploit was then carried out on the DFI token, which uses the same address for executing rebalances.
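A monitoring check that would flag the sequence described above, as an added example that is not Amun's code. The event shape, field names, allowlists, mint threshold and starting supply are assumptions, and the sample events are constructed.

```python
# Added example: hypothetical event shape, allowlists and threshold.
# Nothing here is taken from Amun's contracts; the sample events are constructed.

def norm(addr):
    """Lower-case an address so checksum casing does not defeat the allowlist."""
    return addr.lower()

class TokenPolicy:
    def __init__(self, exchanges, underlyings, max_mint_ratio=0.10):
        self.exchanges = {norm(a) for a in exchanges}      # approved DEX routers
        self.underlyings = {norm(a) for a in underlyings}  # approved assets
        self.max_mint_ratio = max_mint_ratio               # per-mint share of supply

def check_event(ev, policy, supply):
    """Return alert strings for one decoded on-chain event (dict)."""
    alerts = []
    if ev["type"] in ("set_exchange", "rebalance"):
        if norm(ev["exchange"]) not in policy.exchanges:
            alerts.append(f"{ev['type']}: unapproved exchange {ev['exchange']}")
    if ev["type"] == "rebalance":
        for token in ev["bought"]:
            if norm(token) not in policy.underlyings:
                alerts.append(f"rebalance: unapproved underlying {token}")
    if ev["type"] == "mint" and ev["amount"] > policy.max_mint_ratio * supply:
        alerts.append(f"mint: {ev['amount']} exceeds {policy.max_mint_ratio:.0%} of supply")
    return alerts

def scan(events, policy, supply):
    """Run every event through check_event, tracking supply across mints."""
    findings = []
    for ev in events:
        for alert in check_event(ev, policy, supply):
            findings.append((ev["tx"], alert))
        if ev["type"] == "mint":
            supply += ev["amount"]
    return findings

POLICY = TokenPolicy(exchanges=["0xDexApproved"], underlyings=["0xAssetA", "0xAssetB"])
SAMPLE_EVENTS = [  # constructed; mirrors the steps described in the post-mortem
    {"tx": "t1", "type": "rebalance", "exchange": "0xDEXAPPROVED", "bought": ["0xAssetA"]},
    {"tx": "t2", "type": "set_exchange", "exchange": "0xDexUnknown"},
    {"tx": "t3", "type": "rebalance", "exchange": "0xDexUnknown", "bought": ["0xTokenUnknown"]},
    {"tx": "t4", "type": "mint", "amount": 80_000_000_000},
    {"tx": "t5", "type": "mint", "amount": 1_000},
]

if __name__ == "__main__":
    for tx, alert in scan(SAMPLE_EVENTS, POLICY, supply=1_000_000):
        print(tx, alert)
```

The same allowlist comparison can be enforced before a rebalance executes rather than alerted on afterwards, so that a single compromised manager key cannot point the token at an arbitrary exchange.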

Next Steps

The team is working diligently to identify all impacted token holders and will be proposing a plan to provide relief to fellow impacted token holders. We will update the community as soon as a timeline for repayment is determined.
