Bitcoin Forum
November 09, 2024, 07:48:59 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Hackers Withdrew $ 25 Million  (Read 289 times)
Bitxmiexchange_official (OP)
Copper Member
Newbie
*
Offline Offline

Activity: 17
Merit: 3


View Profile WWW
April 20, 2020, 04:27:48 PM
 #1

Hackers Withdrew $ 25 Million from DeFi-Protocol DForce
Kataryna Kovtun April 20, 2020
SHARE

Chinese DeFi platform dForce Foundation lost over 99% of its assets as a result of a hacker attack.
DeFi - Protocol DForce

The attack was carried out through owned by the project an open protocol of the market of short-term capital Lendf.Me. According to the expert, the scammers managed to steal about $ 25 million stored in the smart contract.

“Lendf.me confirmed the attack at 08:45 Beijing time on Sunday at block 9899681”, – writes the Chinese edition Chain News with reference to the representatives of the project.

According to DeFi Pulse, on April 17, the balance on dForce wallets was $ 25.38 million, but by April 19 it had fallen to $ 10,000. Whether all the money was withdrawn by the cybercriminals, or if some of the users managed to pick up the money, is unknown.

Recall that dForce was in 7th place by capitalization among the largest DeFi-projects. Against the background of the attack, the startup left the leaderboard.DeFi Pulse,

Commenting on the incident, CEO Mindao Yang emphasized that now all the efforts of the company’s employees are devoted to investigating the essence of the problem. On the dForce channel on Telegram, Mindao requested that no assets be sent to Lendf.Me.

Double attack
On April 18, Tokenlon DEX developers also reported an attack on the imBTC pool of the Uniswap protocol, the losses from which amounted to about $ 300,000. «Hacker used attack vector against ERC777 tokens on Uniswap. BTC Storage Not Affected», – they said.

Tokenlon DEX developers

The ERC777 format allows you to repeatedly access the smart contract to withdraw funds located in it, which simplifies the task of the hacker. According to Tokenlon, this algorithm was used in both attacks.

A similar method was used during the break-in on The DAO in 2016. Then hackers appropriated about $ 60 million in ETH. The DAO is a crowdfunding platform based on smart contracts and Ethereum technology.

The DAO hacker attack

Read about the secure platform here

Join Bitxmi Exchange and get $10 worth of BXMI token after your first trade
Disclaimer: Bitxmi News is a news portal and does not provide any financial advice. Bitxmi's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Bitxmi News won't be responsible for any loss of funds.

Baoanhbmt
Jr. Member
*
Offline Offline

Activity: 117
Merit: 1


View Profile
April 21, 2020, 10:45:14 AM
 #2

 Unclear what DForce and the hacker discussed, it appears they have reached some sort of agreement, as blockchain data shows the hacker returned thousands of dollars with of HUSDv and HBTC, tokens pegged to the U.S. dollar and to bitcoin used on the Huobi exchange.
jossiel
Hero Member
*****
Offline Offline

Activity: 3164
Merit: 636


DGbet.fun - Crypto Sportsbook


View Profile
April 21, 2020, 12:05:03 PM
 #3

Unclear what DForce and the hacker discussed, it appears they have reached some sort of agreement, as blockchain data shows the hacker returned thousands of dollars with of HUSDv and HBTC, tokens pegged to the U.S. dollar and to bitcoin used on the Huobi exchange.
The hacker's IP address was traced so that's probably the reason why the hacker returned the fund. That probably was the agreement for both sides that they've made.

DeFi hacker returns all $25 million of stolen funds


lahiruu
Jr. Member
*
Offline Offline

Activity: 31
Merit: 1


View Profile
April 22, 2020, 03:35:23 PM
 #4

Seems the funds have been returned and I actually saw some people on Twitter offering the guy a job!
itsv
Full Member
***
Offline Offline

Activity: 532
Merit: 100



View Profile WWW
April 22, 2020, 08:46:39 PM
 #5

Unclear what DForce and the hacker discussed, it appears they have reached some sort of agreement, as blockchain data shows the hacker returned thousands of dollars with of HUSDv and HBTC, tokens pegged to the U.S. dollar and to bitcoin used on the Huobi exchange.
The hacker's IP address was traced so that's probably the reason why the hacker returned the fund. That probably was the agreement for both sides that they've made.

DeFi hacker returns all $25 million of stolen funds



yes that is pretty much the reason why he is returning the funds. I think they made agreement if he returns the funds then the company will not press charges against him.
Zemomtum
Full Member
***
Offline Offline

Activity: 1316
Merit: 104


CitizenFinance.io


View Profile
April 22, 2020, 11:32:34 PM
 #6

Since this has been returned, I hope the vulnerability will be fixed and bring trust to investors. That is why it it is always good to invest with a capital you can afford to lose.

AmoreJaz
Legendary
*
Offline Offline

Activity: 3276
Merit: 1104


Leading Crypto Sports Betting & Casino Platform


View Profile
April 22, 2020, 11:41:34 PM
 #7

Unclear what DForce and the hacker discussed, it appears they have reached some sort of agreement, as blockchain data shows the hacker returned thousands of dollars with of HUSDv and HBTC, tokens pegged to the U.S. dollar and to bitcoin used on the Huobi exchange.
The hacker's IP address was traced so that's probably the reason why the hacker returned the fund. That probably was the agreement for both sides that they've made.

DeFi hacker returns all $25 million of stolen funds



yes that is pretty much the reason why he is returning the funds. I think they made agreement if he returns the funds then the company will not press charges against him.

the hacker didnt do good in hiding his IP..but only one of the numerous hacking incidents that successfully recovered the stolen funds. anyway, still good news.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
jerrison
Full Member
***
Offline Offline

Activity: 1442
Merit: 106



View Profile WWW
April 23, 2020, 12:12:10 AM
 #8

Hackers Withdrew $ 25 Million from DeFi-Protocol DForce
Kataryna Kovtun April 20, 2020
SHARE

Chinese DeFi platform dForce Foundation lost over 99% of its assets as a result of a hacker attack.
DeFi - Protocol DForce

The attack was carried out through owned by the project an open protocol of the market of short-term capital Lendf.Me. According to the expert, the scammers managed to steal about $ 25 million stored in the smart contract.

“Lendf.me confirmed the attack at 08:45 Beijing time on Sunday at block 9899681”, – writes the Chinese edition Chain News with reference to the representatives of the project.

According to DeFi Pulse, on April 17, the balance on dForce wallets was $ 25.38 million, but by April 19 it had fallen to $ 10,000. Whether all the money was withdrawn by the cybercriminals, or if some of the users managed to pick up the money, is unknown.

Recall that dForce was in 7th place by capitalization among the largest DeFi-projects. Against the background of the attack, the startup left the leaderboard.DeFi Pulse,

Commenting on the incident, CEO Mindao Yang emphasized that now all the efforts of the company’s employees are devoted to investigating the essence of the problem. On the dForce channel on Telegram, Mindao requested that no assets be sent to Lendf.Me.

Double attack
On April 18, Tokenlon DEX developers also reported an attack on the imBTC pool of the Uniswap protocol, the losses from which amounted to about $ 300,000. «Hacker used attack vector against ERC777 tokens on Uniswap. BTC Storage Not Affected», – they said.

Tokenlon DEX developers

The ERC777 format allows you to repeatedly access the smart contract to withdraw funds located in it, which simplifies the task of the hacker. According to Tokenlon, this algorithm was used in both attacks.

A similar method was used during the break-in on The DAO in 2016. Then hackers appropriated about $ 60 million in ETH. The DAO is a crowdfunding platform based on smart contracts and Ethereum technology.

The DAO hacker attack

Read about the secure platform here

Join Bitxmi Exchange and get $10 worth of BXMI token after your first trade
Disclaimer: Bitxmi News is a news portal and does not provide any financial advice. Bitxmi's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Bitxmi News won't be responsible for any loss of funds.



i am forced to ask questons bothering around excahangers, because any hack carried out has to be in a way or the other coverted to fiat and then finally withdrawn through an exchange. Is there no way funds can be identified by investors to exchangers and then traced to the kyc details of those who either deposited or withdrew the funds. There are chances the funds can be sold in the black market but i blieve it iws way too much for the black market alone to consume the exchange of such funds

michellee
Hero Member
*****
Offline Offline

Activity: 2954
Merit: 854


Get $2100 deposit bonuses & 60 FS


View Profile
April 23, 2020, 09:28:14 AM
 #9

It is why very developer needs to always to care and check the system for preventing a bad thing that is already happening. Maybe that is because something we don't know that can make the hacker breaking the system and steal funds. I hope in the future, and we can always be careful from the hacker because they can search the hole to enter the system.

█████
██
██
██
██
██
██
██
██
██
██
██
█████

...........▄▄▄██████▄▄
.▄██▄..▄▄███▀▀▀...▀▀███▄
.............█▄█.▄.............▄▄▄
..▀██████▀
...........███▄.............▄▀▀▀...........▄██▀.█...............▄█
...▄████
..............███............███.............██..█...............▄██
..██▀.▀██
............███▀...........▄▄▄...▄▄.▄▄▄▄...███.█▄▄......▄▄▄▄..▄▄██▄▄▄▄
.██▀...▀██
..........███▀.▄▄█▀▀██▄...███..▄██▀▀▀███..███▀▀███...▄██▀▀██...██
███
.....███..▄▄▄▄████▀.▄██▀...██▀..███...██▀...██▀.███....██..██▀.▄██▀..███
██.▄
.....██.████▀▀▀...▄██▄...██▀..▄██▀..███...███..██....██▀.█████▀...▄███
██▄▀█...▄██..▀███
.....▀█████▀██████████▀██...██████▀█████████▀▀██▄▄▄██▀▀███▄▄▄██▀
.███▄▄▄███
....▀███▄.....▀▀▀...▀▀...▀▀▀..▀▀.....▀▀....▀▀▀▀▀......▀▀▀▀......▀▀▀▀
..▀▀███▀▀
.......▀███▄▄....▄▄
..................▀▀███████▀
.......................▀▀

 ▄▄▄▄▄▄▄▄░░░░░░▄▄▄██▄
██████████████████████▄
██████████████████████▀
█████████████████████
██████▀▀▀▀██████████
▀████░░░▄██████████
░░░░░░░▄██████████
░░░░░░███████████▀
░░░░▄████████████
░░░▄████████████▀
░░░█████████████
█████
██
██
██
██
██
██
██
██
██
██
██
█████

UP TO
60 FS

..PLAY NOW..
zooel
Jr. Member
*
Offline Offline

Activity: 476
Merit: 1


View Profile
May 29, 2020, 10:12:12 AM
 #10

This way developers can find their lackings to make secure their work. Also, the great talent of that guy did this. One way it was good for those who faced this. They will be alert after that happens.
BrianZAK
Newbie
*
Offline Offline

Activity: 24
Merit: 1


View Profile
May 31, 2020, 11:21:14 AM
 #11


Hadn't heard that this had be returned, excellent news. Unfortunately vulnerabilities like this are still commonplace and could spell potential disaster to otherwise sound projects. Developer should be prioritizing security at every step.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!