
Maestro Telegram Bot Smart Contract Hack Analysis

Posted on: November 15, 2023 at 09:55 AM


Introduction:

On October 25, 2023, the Maestro project, which offers crypto tools to Telegram users, suffered a security breach due to insecure external calls inside their Router smart contract. This vulnerability allowed an attacker to select an arbitrary victim’s address, execute the ‘transferFrom’ function, and steal the victim’s tokens.

The Maestro hack was particularly alarming because it did not require the victim’s consent or authorization: the attacker directly accessed and transferred tokens from a victim’s address. Let’s break down how the exploit happened and how to prevent it in the future.

Smart Contract Hack Intel:

[Figure: The attacker’s initial transaction (Maestro attack txn)]

External Caller Bug Explained:

An attacker can manipulate a contract’s flow and mappings by exploiting a delegatecall bug. This bug allows them to interfere with the contract’s execution even though they are not the contract owner. In a delegatecall, the code of one contract is executed in the storage and context of another contract. When this is abused, the attacker can influence the behavior of the calling contract, potentially altering its state and outcomes.

Example:

An attacker can use this exploit to steal ERC-20 tokens from a contract by deploying a malicious contract with a function that transfers tokens to an address of their choosing. They then call the vulnerable function from any address, triggering the bug and allowing them to transfer all of the tokens in the contract to their own address.

A step-by-step breakdown (figures):

[Figure: Proxy Contract]

[Figure: Tracing transaction]

[Figure: Vulnerable Code]

[Figure: Attack Explained]

[Figure: Maestro team’s instant fix]

Protection Strategies:

In the specific case of function 0x9239127f in the Router2 contract, which spends users’ token allowances, this would involve adding a validation check at the beginning of the function:

require(source == msg.sender, "Source address must be equal to msg.sender");

This would prevent attackers from calling the function with a different source address, thereby preventing them from sending transactions from the victim’s point of view.

It is important to note that all publicly accessible functions should be validated in this way, regardless of whether or not they invoke the transferFrom function. This is because any publicly accessible function could potentially be exploited by an attacker to steal assets or modify the contract’s state.
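To make the bug class and the fix concrete, here is a minimal router written for this post as an added example; it is not Maestro’s code, and the contract and function names (`VulnerableRouter`, `HardenedRouter`, `pullTokens`) are assumptions. The vulnerable version lets the caller name any `source` whose allowance the router holds, which is the pattern described in the External Caller Bug section above; the hardened version adds the `require(source == msg.sender, ...)` check from the Protection Strategies section.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC-20 surface the router needs.
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// Constructed example, not Maestro's contract. The bug: `source` is supplied by
/// the caller and never compared with msg.sender, so anyone who calls this
/// function can spend the allowance that `source` previously granted to the router.
contract VulnerableRouter {
    function pullTokens(address token, address source, address recipient, uint256 amount) external {
        // The router, not the caller, is the spender of the allowance, so the
        // token contract has no way to know that `source` did not initiate this.
        require(IERC20(token).transferFrom(source, recipient, amount), "transfer failed");
    }
}

/// Hardened version: the only allowance a caller may spend is their own.
contract HardenedRouter {
    function pullTokens(address token, address source, address recipient, uint256 amount) external {
        // The check proposed in the post: the source of funds must be the caller.
        require(source == msg.sender, "Source address must be equal to msg.sender");
        require(IERC20(token).transferFrom(source, recipient, amount), "transfer failed");
    }
}
```

Note the design choice this check implies: if `source` must always equal `msg.sender`, the parameter is redundant, and the simplest robust variant is to drop it and pass `msg.sender` to `transferFrom` directly, so there is no caller-controlled value to validate at all. The same reasoning applies to any router entry point that forwards caller-supplied targets or calldata: every externally reachable function should bind the funds it moves to `msg.sender`, whether or not it calls `transferFrom` itself.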

Lessons Learned from the Security Incident:

A contract without a thorough security review is a hack waiting to happen. In this case, it’s unclear whether the Maestro team had audited their contracts, or whether they had integrated security testing into their development cycle.

This blog was written in collaboration with Nathan Ostrowski. If you care deeply about boosting your protocol’s security and reducing your spending on audits, they have just started accepting applications for their next beta cohort.

Thank you for reading ✌🏻