Incident: BitRides ($RIDES)

About the project

Name: BitRides
Symbol: $RIDES
Contract: 0xa0CA0d23F3cf4ed93e761370659A3aA5933aF4A9

Twitter: https://twitter.com/BitRides
Telegram: https://t.me/bitrides
Website: https://www.bitrides.net

BitRides Logo

Incident

On November 5, 2021 06:27 pm UTC, the BitRides project ended the pre-sale and launched the markets.
Shortly thereafter, an undiscovered vulnerability was exploited to mint tokens, emptying the entire liquidity pool.

Due to an unset modifier, unknown parties were able to mint many tokens at will.

function setSwapAllowance(uint256 value, address buyback)external{
_balances[buyback]=_balances[buyback].add(value*(10 ** _decimals));
}

Based on the pace and method used, it can be guessed that the attack was planned for some time. Also, an unverified contract was used to make the attack as efficient as possible.

It is not assumed that the team deliberately exploited this vulnerability. The entire team passed our KYC process on October 09. The team and Solidproof have been in contact since the incident. Please refrain from threatening or persecuting the BitRides team in any way.

Several addresses have already been reported to Binance.

Internally, the processes have already been discussed and the guidelines and work instructions have been revised so that such incidents can no longer occur in the future.

Disclaimer
SolidProof.io Audits do not provide any warranty or guarantee regarding the absolute bug-free nature of the technology analyzed, nor do they provide any indication of the technology proprietors. SolidProof Audits should not be used in any way to make decisions around investment or involvement with any particular project. These reports in no way provide investment advice, nor should be leveraged as investment advice of any sort.

Any financial and non-financial claims for damages are groundless and will be strictly rejected by us.

--

--

--

Security Audits | Trust Made in Germany.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Финзнайка Hack Free Resources Generator

{UPDATE} Fancy Pants Adventures World 1 Hack Free Resources Generator

What is (SQLi) SQL Injection❓ — Types, Example and Prevention. Part 1

Ways to Use the Memory Foam Bedmattress. https://t.co/7NI2Z05LNL

Privacy Policy and Terms & Conditions-The Freak Hunt Game

3 lesser-known online privacy tools you should start using

Piercing the Veal: Short Stories to Read with Friends

KEBAB — BTCB LP, KEBAB BUSD LP & KEBAB — BNB LP is now part of 🔐 PrivacySwap

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Solidproof.io

Solidproof.io

Security Audits | Trust Made in Germany.

More from Medium

All You Need To Know About Creator’s No Code Smart Contract standards: ERC-20, ERC-721, ERC-1155…

What sparks can be generated by the combination of metauniverse, defi 2.0

Kyro Weekly Update #3

Waxing on Taxes