The hacker complicated things somewhat for OneRing by covering their tracks. They used a "self-destruct" mechanism — typically used by developers to destroy smart contracts that are found to have a bug — to destroy the contract they used to carry out the attack, making it more difficult for OneRing to determine which parts of their codebase were vulnerable and led to the attack.
Hacker steals $1.45 million from OneRing Finance using code that self-destructs after the attack
A hacker was able to use a flash loan attack to exploit an issue with OneRing Finance. By manipulating the price of tokens in the project's liquidity pool, the hacker was able to draw out 1.45 million USDC, a stablecoin pegged to the US dollar. According to PeckShield, the loss to the protocol was larger than what the hacker actually was able to cash out.
- "OneRing Finance exploit. Post-mortem — After OShare Hack.", OneRing Finance blog
- Tweet thread by PeckShield