Security Breach Hits R0AR Staking Contract, $790K In ETH Drained Via Malicious Exploit
In Brief
Blockchain security firms reported that the staking contract of R0AR was compromised, resulting in the loss of 493.7 ETH—valued at around $790,000 at the time of the incident.
Blockchain security firm PeckShield reported that the staking contract of decentralized finance (DeFi) platform R0AR was compromised, resulting in the loss of approximately 493.7 ETH—valued at around $790,000 at the time of the incident.
According to Web3 security provider Cyvers, the attacker deployed a malicious contract a day before the exploit occurred. By depositing a minimal amount—commonly referred to as “dust”—the attacker was able to exploit a vulnerability in the contract’s `emergencyWithdraw()` function, which ultimately led to the unauthorized outflow of funds.
Further analysis shows that the exploiter moved the stolen assets through several intermediary wallets and routed a portion of the funds through Tornado Cash, a privacy-focused protocol used to obfuscate transaction traces.
SlowMist, another blockchain security firm, conducted a separate investigation and identified the root cause as a backdoor embedded within the R0ARStaking contract. During the contract’s deployment, a specific address’s balance was directly manipulated via storage slot modification. This allowed the attacker to later withdraw the full balance using the emergency withdrawal mechanism.
As of the current writing, R0AR has not issued any public statements addressing the breach or detailing potential next steps for affected users.
R0AR: What Is It?
R0AR is a decentralized finance (DeFi) platform developed to provide a secure, transparent, and cost-effective environment for a wide range of users, including cryptocurrency traders, DeFi enthusiasts, and decentralized application (dApp) developers. The platform is designed to support essential DeFi activities such as token trading, yield farming, and NFT storage, while prioritizing user privacy by eliminating the need to surrender private keys.
With an emphasis on usability, R0AR aims to deliver a mobile-optimized experience, positioning itself as a central hub within the broader R0AR token ecosystem. The platform incorporates multiple features, including staking, trading of ERC-20 tokens, and interaction with non-fungible tokens.
Through components like the R0AR Society NFTs and its native token R0AR, it enables users to access staking options, token exchanges, and exclusive reward opportunities tailored to its community.
Disclaimer
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.
About The Author
Alisa, a dedicated journalist at the MPost, specializes in cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a keen eye for emerging trends and technologies, she delivers comprehensive coverage to inform and engage readers in the ever-evolving landscape of digital finance.
More articles
Alisa, a dedicated journalist at the MPost, specializes in cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a keen eye for emerging trends and technologies, she delivers comprehensive coverage to inform and engage readers in the ever-evolving landscape of digital finance.
