
Analysis of UwU Lends Blacklisting

By admin | Jan. 1, 2023

Background
On June 10, 2024, according to the MistEye security monitoring system, the UwU Lend platform, which provides digital asset lending services on the EVM chain, was attacked, resulting in a loss of approximately $19.3 million. The SlowMist security team conducted an analysis of the incident and shared the following results:


Related Information
Attacker Address:
0x841ddf093f5188989fa1524e7b893de64b421f47
Vulnerable Contract Address:
0x9bc6333081266e55d88942e277fc809b485698b9
Attacking Transactions:
0xca1bbf3b320662c89232006f1ec6624b56242850f07e0f1dadbe4f69ba0d6ac3
0xb3f067618ce54bc26a960b660cfc28f9ea0315e2e9a1a855ede1508eb4017376
0x242a0fb4fde9de0dc2fd42e8db743cbc197ffa2bf6a036ba0bba303df296408b
Attack Core
The core of this attack is that the attacker could manipulate the price oracle directly: large swaps in the Curve Finance pool moved the price of the sUSDE token, and the attacker used the manipulated price to drain other assets from the pool.
Attack Process
1. Borrow assets through flash loans and manipulate the price of USDE: The attacker first borrowed a large amount of assets through flash loans and exchanged a portion of the borrowed USDE tokens for other tokens in the Curve pool that could impact the price of sUSDE.


2. Create a large number of lending positions: With the sUSDE price plummeting, the attacker deposited other underlying tokens to borrow a large amount of sUSDE tokens.


3. Manipulate the oracle again to raise the price of sUSDE: By performing a reverse exchange operation in the previous Curve pool, the price of sUSDE was quickly raised.


4. Liquidate a large amount of debt positions: Due to the rapid increase in the price of sUSDE, the attacker was able to liquidate a large amount of borrowed positions to obtain uWETH.


5. Deposit the remaining sUSDE and borrow other underlying tokens in the contract: The attacker deposited the sUSDE, which was now at a high price, to borrow more underlying asset tokens for profit.


The attacker's profit came from repeatedly manipulating the price of sUSDE: borrowing heavily while the price was low, then liquidating and re-collateralizing while the price was high. We followed up by examining the sUSDE price oracle contract, sUSDePriceProviderBUniCatch.


The price of sUSDE is determined by obtaining 11 different prices of the USDE token from the USDE pools on Curve Finance and the Uni V3 pool, sorting them, and taking the median.
In this calculation, 5 of the USDE prices are spot prices read directly from the Curve pool with the get_p function, which allowed the attacker to influence the median price directly through a large swap within a single transaction.
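The following added example (a Python model, not the contract's code or SlowMist's) shows how far 5 movable spot inputs can shift a median of 11, and a deviation guard a price feed could apply before using the result. It assumes the other 6 inputs are time-averaged and cannot be moved in one transaction; the page does not say how they are sourced, and all price values and the 1% threshold are constructed.

```python
from statistics import median

SPOT_COUNT = 5       # per the page: 5 of the 11 prices are Curve spot prices (get_p)
TOTAL_SOURCES = 11   # per the page: the oracle takes the median of 11 prices

# Constructed sample data. SMOOTHED models the 6 non-spot inputs (assumption).
SMOOTHED = [0.99, 0.995, 1.0, 1.002, 1.01, 1.03]
HONEST_SPOT = [0.998, 1.0, 1.001, 1.003, 1.004]


class OracleDeviation(Exception):
    """Raised when a spot input strays too far from the smoothed reference."""


def aggregate(spot, smoothed):
    """Median over all 11 inputs, as the page describes the oracle."""
    if len(spot) != SPOT_COUNT or len(spot) + len(smoothed) != TOTAL_SOURCES:
        raise ValueError("expected 5 spot and 6 smoothed prices")
    return median(spot + smoothed)


def manipulation_range(smoothed):
    """Lowest and highest median reachable when all 5 spot inputs are pushed
    to an extreme: the 6th of 11 sorted values becomes the min or max of the
    6 inputs that did not move."""
    low = aggregate([0.0] * SPOT_COUNT, smoothed)
    high = aggregate([float("inf")] * SPOT_COUNT, smoothed)
    return low, high


def guarded_aggregate(spot, smoothed, max_dev=0.01):
    """Hypothetical mitigation: refuse to price when any spot input deviates
    from the median of the smoothed inputs by more than max_dev (1% here)."""
    reference = median(smoothed)
    for price in spot:
        if abs(price - reference) / reference > max_dev:
            raise OracleDeviation(f"spot {price} vs reference {reference}")
    return aggregate(spot, smoothed)


if __name__ == "__main__":
    low, high = manipulation_range(SMOOTHED)
    print("honest median:", aggregate(HONEST_SPOT, SMOOTHED))
    print("reachable median range:", low, "to", high)
    print("relative swing: %.2f%%" % ((high - low) / low * 100))
```

With these constructed inputs the median can be moved anywhere between 0.99 and 1.03 without touching the 6 smoothed sources, which is the gap between borrowing at the low price and liquidating at the high one.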


MistTrack Analysis
According to analysis with the on-chain tracking tool MistTrack, the attacker 0x841ddf093f5188989fa1524e7b893de64b421f47 profited approximately $19.3 million in this attack, in assets including ETH, crvUSD, bLUSD and USDC, which were subsequently exchanged for ETH.


Tracing the source of the transaction fees for the attacker's address showed that its initial funds were 0.98 ETH transferred from Tornado Cash, followed by 5 further transfers of funds from Tornado Cash.


Expanding the transaction graph shows that the attacker transferred 1,292.98 ETH to address 0x48d7c1dd4214b41eda3301bca434348f8d1c5eb6, which currently holds 1,282.98 ETH; the remaining 4,000 ETH was transferred to address 0x050c7e9c62bf991841827f37745ddadb563feb70, which currently holds 4,010 ETH.


MistTrack has blacklisted the relevant addresses and will continue monitoring the movement of stolen funds.
Conclusion
The core of this attack was a weakness in the price oracle: it read spot prices directly and fed them into the median calculation. By manipulating the price of sUSDE, the attacker could borrow and liquidate across a large price differential and extract unexpected profits. The SlowMist security team recommends that projects strengthen the manipulation resistance of their price oracles and design more secure price feed mechanisms to prevent similar incidents.
