The Decentralised Autonomous Organisation (DAO) was a smart contract deployed on the Ethereum blockchain, designed to fund blockchain projects and reward investors.

On 17th June 2016, the attacker exploited the fact that the withdrawBalance function sent ETH to the calling address before updating that address's recorded balance: a contract at that address could call withdrawBalance again from within the transfer, recursively, and withdraw the specified amount repeatedly without its balance ever being reduced. Had withdrawBalance been written to guard against reentrancy (updating the balance before making the external call), this attack would not have succeeded at all.
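To make the call-ordering defect concrete, here is an added example (not code from the DAO or from any of the write-ups cited here): a small Python model of the ledger in which sending ETH to an address is represented as invoking that address's receive() hook, which is the point at which a contract's fallback function runs on-chain. The class names, the depositors and the deposit amounts are all constructed for the illustration; max_depth stands in for the gas limit that bounds the recursion on a real chain. The vulnerable vault zeroes the balance only after the external call, the hardened one applies checks-effects-interactions ordering plus a re-entrancy guard, and run_scenario() reports how much a re-entering depositor is paid out in each case.

```python
"""Toy model of the DAO's withdrawBalance re-entrancy defect (constructed example).

A Python ledger stands in for the EVM. Sending ETH to an address is modelled as
calling the recipient's receive() hook, which is where a contract's fallback
function runs on-chain and can call back into the sender.
"""


class ReentrancyError(Exception):
    """Raised when a guarded function is entered while already executing."""


class Depositor:
    """An externally owned account: receiving funds triggers no code."""

    def __init__(self):
        self.received = 0

    def receive(self, vault, amount):
        self.received += amount


class ReenteringDepositor(Depositor):
    """Test double that re-enters withdraw_balance from its receive() hook,
    the way a contract's fallback function can. max_depth stands in for the
    gas limit that bounds the recursion on-chain."""

    def __init__(self, max_depth=3):
        super().__init__()
        self.max_depth = max_depth
        self.depth = 0

    def receive(self, vault, amount):
        self.received += amount
        if self.depth < self.max_depth:
            self.depth += 1
            try:
                vault.withdraw_balance(self)
            except ReentrancyError:
                pass  # a failed inner call whose return value the caller ignores


class VulnerableVault:
    """The DAO pattern: interaction (external call) before effect (balance update)."""

    def __init__(self):
        self.balances = {}
        self.eth = 0  # the contract's own ETH holdings

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.eth += amount

    def withdraw_balance(self, caller):
        amount = self.balances.get(caller, 0)
        if amount == 0 or amount > self.eth:
            return
        self.eth -= amount
        caller.receive(self, amount)   # the caller's code runs here...
        self.balances[caller] = 0      # ...but the balance is zeroed only afterwards


class HardenedVault(VulnerableVault):
    """Checks-effects-interactions ordering plus a mutex-style re-entrancy guard."""

    def __init__(self):
        super().__init__()
        self._entered = False

    def withdraw_balance(self, caller):
        if self._entered:
            raise ReentrancyError("withdraw_balance re-entered")
        self._entered = True
        try:
            amount = self.balances.get(caller, 0)
            if amount == 0 or amount > self.eth:
                return
            # Effect first: a re-entrant call would now see a zero balance
            # even without the guard above.
            self.balances[caller] = 0
            self.eth -= amount
            caller.receive(self, amount)
        finally:
            self._entered = False


def run_scenario(vault_cls, honest_deposit=9, attacker_deposit=1, max_depth=3):
    """Fund a vault with an honest depositor and a re-entering one, let the
    re-entering one call withdraw_balance once, and report the outcome."""
    vault = vault_cls()
    honest = Depositor()
    reenterer = ReenteringDepositor(max_depth)
    vault.deposit(honest, honest_deposit)
    vault.deposit(reenterer, attacker_deposit)
    vault.withdraw_balance(reenterer)
    return {
        "paid_out": reenterer.received,
        "vault_eth": vault.eth,
        "honest_balance": vault.balances[honest],
    }


if __name__ == "__main__":
    for cls in (VulnerableVault, HardenedVault):
        print(cls.__name__, run_scenario(cls))
```

With the defaults, the vulnerable vault pays out 4 ETH against a 1 ETH deposit and is left holding 6 ETH while the honest depositor's ledger entry still says 9, which is the insolvency the DAO ended up in; the hardened vault pays out exactly 1 ETH. The guard and the ordering fix are independent: as the comment in HardenedVault notes, zeroing the balance before the external call is on its own enough to make the re-entrant call withdraw nothing, while the guard additionally rejects the re-entry outright and so protects other functions that share the same state.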

The attacker carried out the attack and withdrew 3500000 ETH into a child DAO contract. As a first response, a group calling itself the Robin Hood Group drained the remaining funds from the affected DAO contract, with the intention of returning the ETH to its original owners.

Because a failsafe within the DAO contract kept the stolen funds frozen in the child DAO contract for 2 weeks, there was time to act: within those 2 weeks the Ethereum Foundation and community agreed to a hard fork. That fork produced the current Ethereum blockchain (where the stolen funds were forcibly returned to the DAO) and the Ethereum Classic blockchain (where the stolen funds were not returned).
