Fortress Protocol Price Manipulation

The DeFi lending and credit protocol @Fortressloans announced on 9th May that about $3 million worth of cryptocurrency had been stolen from the platform during an attack.


Firstly, there was a vulnerability in the protocol's oracle: the price submit() function was publicly callable.

The attacker called this function and changed the price of FTS directly. Moreover, the attacker used $8000 to buy 296,193 FTS to vote for a proposal that added the FTS token as collateral.
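The access-control gap described above, as an added example that is not Fortress Protocol's code: a hypothetical oracle whose `submit()` accepts any caller, next to a version that restricts callers and bounds each update. The contract names, the `submit(uint256)` signature, the reporter allow-list and the 10% deviation bound are all assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Hypothetical contracts for illustration; not the protocol's own code.

// Before: any account can overwrite the stored price.
contract OpenOracle {
    uint256 public price;

    function submit(uint256 newPrice) external {
        price = newPrice; // no check on msg.sender
    }
}

// After: only allow-listed reporters may submit, and a single update
// cannot move the price by more than MAX_DEVIATION_BPS.
contract GuardedOracle {
    address public immutable admin;
    mapping(address => bool) public isReporter;
    uint256 public price;
    uint256 public updatedAt; // lets consumers reject stale prices
    uint256 public constant MAX_DEVIATION_BPS = 1000; // 10%, assumed bound

    error NotAdmin(address caller);
    error NotReporter(address caller);
    error DeviationTooLarge(uint256 oldPrice, uint256 newPrice);

    constructor(uint256 initialPrice) {
        require(initialPrice > 0, "initial price is zero");
        admin = msg.sender;
        price = initialPrice;
        updatedAt = block.timestamp;
    }

    function setReporter(address who, bool allowed) external {
        if (msg.sender != admin) revert NotAdmin(msg.sender);
        isReporter[who] = allowed;
    }

    function submit(uint256 newPrice) external {
        if (!isReporter[msg.sender]) revert NotReporter(msg.sender);
        uint256 diff = newPrice > price ? newPrice - price : price - newPrice;
        if (diff * 10_000 > price * MAX_DEVIATION_BPS)
            revert DeviationTooLarge(price, newPrice);
        price = newPrice;
        updatedAt = block.timestamp;
    }
}
```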

On Binance Smart Chain, the attack was funded with ETH originally sourced from Tornado Cash on the mainnet. The funds were then swapped for a large number of FTS, which were used to reach a quorum to submit the malicious proposal adding FTS as collateral.

The attacker deposited 1048 ETH ($2.6M) and 400k DAI into Tornado Cash after the exploit. Two audit firms audited the platform, neither of which found a vulnerability in the code.



