
PANews reported on April 22 that Web3 security company GoPlus stated on the X platform that on April 16 the Ethereum DeFi project R0AR lost approximately $780,000 through a contract backdoor. The project team released an incident report today (the report indicates that the funds have been recovered, but the address and transaction hash have not been publicly disclosed). This is a typical contract backdoor incident; users are reminded to be cautious of backdoored contracts (0xBD2Cd7) and to avoid interacting with them.
The contract (R0ARStaking) contained the backdoor from deployment: the malicious address (0x8149f) was built in with a large $1R0R balance already available for withdrawal. The malicious address first made small deposits and harvests in preparation for a malicious EmergencyWithdraw() call. According to the contract code logic (as shown in the image), because rewardAmount > r0arTokenBalance (the contract's balance), rewardAmount was set to the contract's token balance, and then all tokens in the contract were transferred to the malicious address (0x8149f). Likewise, all LP tokens were transferred to the malicious address, and finally userInfo.amount was set to 0. userInfo in the contract is a mapping, whose storage location is computed dynamically from the hash of its key (uid and msg.sender), which suggests that the backdoor slot was computed for the malicious address before the contract was deployed.
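As an added illustration (not the R0ARStaking code from the report), the following hypothetical staking contract shows the defensive shape an emergency withdrawal should take: it pays out only the caller's recorded LP principal, bounded by the pool's tracked total, and never routes the reward token through a "cap to contract balance" path. All contract, function and variable names here are assumptions for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// Hypothetical staking contract (not R0ARStaking) whose emergencyWithdraw follows the
/// MasterChef convention: it returns only the caller's recorded LP principal and never
/// touches the reward token, so there is no min(rewardAmount, balance) path to drain it.
contract SafeStaking {
    struct UserInfo { uint256 amount; uint256 rewardDebt; }

    IERC20 public immutable rewardToken;
    IERC20[] public lpTokens;                                   // one LP token per pool id
    mapping(uint256 => mapping(address => UserInfo)) public userInfo;
    mapping(uint256 => uint256) public totalStaked;             // sum of userInfo amounts per pool

    event EmergencyWithdraw(address indexed user, uint256 indexed pid, uint256 amount);

    constructor(IERC20 _rewardToken, IERC20 _firstLpToken) {
        rewardToken = _rewardToken;
        lpTokens.push(_firstLpToken);
        // Deliberately no userInfo writes: the only way an entry becomes nonzero is deposit().
        // An auditor reading storage right after deployment should find every userInfo slot zero.
    }

    function deposit(uint256 pid, uint256 amount) external {
        UserInfo storage user = userInfo[pid][msg.sender];
        require(lpTokens[pid].transferFrom(msg.sender, address(this), amount), "transfer failed");
        user.amount += amount;
        totalStaked[pid] += amount;
    }

    function emergencyWithdraw(uint256 pid) external {
        UserInfo storage user = userInfo[pid][msg.sender];
        uint256 amount = user.amount;
        // A pre-seeded entry larger than everything actually deposited cannot be honoured:
        // the pool's tracked principal bounds every single user's claim.
        require(amount <= totalStaked[pid], "amount exceeds tracked principal");
        user.amount = 0;
        user.rewardDebt = 0;
        totalStaked[pid] -= amount;
        // Only LP principal leaves; rewards are forfeited rather than paid from the pool balance.
        require(lpTokens[pid].transfer(msg.sender, amount), "transfer failed");
        emit EmergencyWithdraw(msg.sender, pid, amount);
    }
}
```

The on-chain check is only a backstop: the decisive audit step for a pattern like the one described above is reading the deployed contract's storage (the userInfo slots for any suspicious address) before the first deposit and comparing the verified source against the deployed bytecode.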



