2022.10.08 - Xave Finance

On October 8, 2022, at 10:26:59 UTC, the Hypernative platform detected a suspicious activity, which our automated analysis suggested may try to exploit Xave Finance (formerly known as HaloDao), in their RAINBOW and/or LPOP tokens, possibly involving a DAOModule related exploitation. At this stage Hypernative contacted the projects to try and alert them. Almost 4 hours later, at 14:13:47 UTC, an exploit involving the LPOP and RAINBOW tokens was executed in a transaction through the suspicious contract, which was also alerted by the Hypernative system. At 17:02:23 UTC the system detected a second exploit, with a similar pattern of attack behavior, suggesting the involvement of the same attacker.