Bitcoin Forum
Topic: Our project was hacked, 2 million tokens stolen, liquidity drained, what next?
throwaway_help (OP)
May 18, 2022, 10:48:16 AM
 #1

So like the title says, our project got hacked, we don't even know the attack vector, how the wallets were accessed and the funds drained, we hired a security company and we're waiting on their report and following up with legal action as soon as we have some answers and IP addresses.

For now, I - a non-technical member of the team- have a question, is there a possibility to cancel the tokens he stole without having to migrate to a new contract? He used the tokens to drain our pool on the dex we're using, so it stands to reason that any liquidity we use to repopulate the pool will be drained in a similar manner.

g-uid
May 18, 2022, 01:46:47 PM
 #2

> So like the title says, our project got hacked, we don't even know the attack vector, how the wallets were accessed and the funds drained, we hired a security company and we're waiting on their report and following up with legal action as soon as we have some answers and IP addresses.
>
> For now, I - a non-technical member of the team- have a question, is there a possibility to cancel the tokens he stole without having to migrate to a new contract? He used the tokens to drain our pool on the dex we're using, so it stands to reason that any liquidity we use to repopulate the pool will be drained in a similar manner.

depends on a number of variables. without details of the token/contract one cannot say for sure.

"we don't even know the attack vector"
how well do you know your team?
Bitstar_coin
May 18, 2022, 02:07:42 PM
 #3

"How well do you know your team?" That's the big question and probably one of the important aspects of a hacking case. People form teams from different parts of the world with different professions, so obviously you can only know them through their online profiles (thanks to LinkedIn), but you don't actually know the motives of these people and how trusted they are.
My point is, perhaps this is an inside job.

I'm not a tech person, but I understand that the best way is changing the smart contract address to render the stolen tokens useless, or asking the dex for help by stopping trading so they can trace and block that address, assuming this is only trading on this dex.

throwaway_help (OP)
May 18, 2022, 02:29:14 PM
 #4

> "How well do you know your team?" That's the big question and probably one of the important aspects of a hacking case. People form teams from different parts of the world with different professions, so obviously you can only know them through their online profiles (thanks to LinkedIn), but you don't actually know the motives of these people and how trusted they are.
> My point is, perhaps this is an inside job.
>
> I'm not a tech person, but I understand that the best way is changing the smart contract address to render the stolen tokens useless, or asking the dex for help by stopping trading so they can trace and block that address, assuming this is only trading on this dex.

Changing the contract address at this stage would probably cost us more than the theft itself did, so we're leaving this nuclear option as a last resort.
throwaway_help (OP)
May 18, 2022, 02:40:48 PM
 #5

>> So like the title says, our project got hacked, we don't even know the attack vector, how the wallets were accessed and the funds drained, we hired a security company and we're waiting on their report and following up with legal action as soon as we have some answers and IP addresses.
>>
>> For now, I - a non-technical member of the team- have a question, is there a possibility to cancel the tokens he stole without having to migrate to a new contract? He used the tokens to drain our pool on the dex we're using, so it stands to reason that any liquidity we use to repopulate the pool will be drained in a similar manner.
>
> depends on a number of variables. without details of the token/contract one cannot say for sure.
>
> "we don't even know the attack vector"
> how well do you know your team?

Well, I know my team fairly well and can access most of the data I need, what more details would you need to know something like this?
I'm merely asking about the possibility of canceling tokens associated with a certain address.
asriloni
May 19, 2022, 02:48:52 AM
 #6

> So like the title says, our project got hacked, we don't even know the attack vector, how the wallets were accessed and the funds drained, we hired a security company and we're waiting on their report and following up with legal action as soon as we have some answers and IP addresses.

I'm feeling so bad about it. It seems like the hacker may have drained the whole of the funds in the wallet, right?
There shall be a vulnerability in the code, this may be right as your wallet can be accessed. This is pretty similar to what happened with Vulcan Forged.

> For now, I - a non-technical member of the team- have a question, is there a possibility to cancel the tokens he stole without having to migrate to a new contract? He used the tokens to drain our pool on the dex we're using, so it stands to reason that any liquidity we use to repopulate the pool will be drained in a similar manner.

No chance for this. That's why, as developers, you must also put a very important function into your smart contract to avoid this, like a freezing or blocking function. If your smart contract didn't contain this function, then it's impossible to cancel the tokens.

vv181
May 19, 2022, 09:47:55 AM
 #7

> ~ is there a possibility to cancel the tokens he stole without having to migrate to a new contract? He used the tokens to drain our pool on the dex we're using, so it stands to reason that any liquidity we use to repopulate the pool will be drained in a similar manner.

There is none.

How could you expect such a thing to be possible? Especially since the attack vectors are unknown, and even if they were known, the funds that have been lost have nearly zero chance of being recovered. Have you heard of any vulnerability in another project that resulted in the funds being retrieved? I don't think so. Why exactly would you think that's possible anyway?
masterrex
May 19, 2022, 10:38:19 AM
 #8

Damn it, this kind of incident is very common nowadays, and this is the bad, negative side of the DeFi hype: it is full of exploits coming from different angles. Anyway, I think this is a technical question, which is why it's better to ask someone who has technical expertise in smart contract functions. But I believe some of the technical people are here on this forum, so just wait for other users' replies.
throwaway_help (OP)
May 19, 2022, 11:13:37 AM
 #9

> Damn it, this kind of incident is very common nowadays, and this is the bad, negative side of the DeFi hype: it is full of exploits coming from different angles. Anyway, I think this is a technical question, which is why it's better to ask someone who has technical expertise in smart contract functions. But I believe some of the technical people are here on this forum, so just wait for other users' replies.

Yes my friend, this is why I asked here, I thought this is the best place to get an informed answer.
hugeblack
May 19, 2022, 12:00:07 PM
 #10

> is there a possibility to cancel the tokens he stole without having to migrate to a new contract?

If there is a line in the smart contract that allows you to freeze funds, you will be able to do it even if the funds are in wallets. Otherwise, you will need to completely change the smart contract.

Generally, finding a vulnerability in a smart contract is not easy, so either your technical team has low technical knowledge or there is a possibility of an internal hack. In any case, you need to study how the hack occurred to ensure that it does not happen again.
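
What the freeze or blocking function mentioned in replies #6 and #10 looks like in contract code, as an added example that is not part of any post in this thread and not the OP's contract (which was never shared): a minimal ERC-20-style token in Solidity, where `FreezableToken`, `setFrozen` and `frozen` are hypothetical names. The check has to be in the deployed code before an incident for the issuer to be able to use it.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added illustration; FreezableToken, setFrozen and frozen are hypothetical names.
contract FreezableToken {
    uint256 public totalSupply;
    address public owner; // assumption: a multisig in practice, not a single hot key

    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;
    mapping(address => bool) public frozen;
    event Transfer(address indexed from, address indexed to, uint256 value);
    event Approval(address indexed holder, address indexed spender, uint256 value);
    event Frozen(address indexed account, bool status);

    constructor(uint256 supply) {
        owner = msg.sender;
        totalSupply = supply;
        balanceOf[msg.sender] = supply;
        emit Transfer(address(0), msg.sender, supply);
    }

    // The "line that allows you to freeze funds": the owner flags an address.
    function setFrozen(address account, bool status) external {
        require(msg.sender == owner, "not owner");
        frozen[account] = status;
        emit Frozen(account, status);
    }

    function approve(address spender, uint256 value) external returns (bool) {
        allowance[msg.sender][spender] = value;
        emit Approval(msg.sender, spender, value);
        return true;
    }
    function transfer(address to, uint256 value) external returns (bool) {
        _move(msg.sender, to, value);
        return true;
    }
    function transferFrom(address from, address to, uint256 value) external returns (bool) {
        allowance[from][msg.sender] -= value; // checked math reverts if allowance is too low
        _move(from, to, value);
        return true;
    }

    // Every balance change passes this check, including a DEX pool's transferFrom.
    function _move(address from, address to, uint256 value) internal {
        require(!frozen[from] && !frozen[to], "account frozen");
        balanceOf[from] -= value; // reverts on insufficient balance
        balanceOf[to] += value;
        emit Transfer(from, to, value);
    }
}
```

Freezing an address only stops it from moving the balance it still holds; it does not return liquidity that has already been swapped out of a pool.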

throwaway_help (OP)
May 19, 2022, 12:04:49 PM
 #11

>> is there a possibility to cancel the tokens he stole without having to migrate to a new contract?
>
> If there is a line in the smart contract that allows you to freeze funds, you will be able to do it even if the funds are in wallets. Otherwise, you will need to completely change the smart contract.
>
> Generally, finding a vulnerability in a smart contract is not easy, so either your technical team has low technical knowledge or there is a possibility of an internal hack. In any case, you need to study how the hack occurred to ensure that it does not happen again.

The contract was audited by a reputable company, so slim chance it has any vulnerabilities, more likely an end device was hacked, but we're still trying to determine that, also, my team doesn't have low technical knowledge, I'm just conducting my own investigation to present some solutions during our meeting.
g-uid
May 19, 2022, 12:30:37 PM
 #12

>>> is there a possibility to cancel the tokens he stole without having to migrate to a new contract?
>>
>> If there is a line in the smart contract that allows you to freeze funds, you will be able to do it even if the funds are in wallets. Otherwise, you will need to completely change the smart contract.
>>
>> Generally, finding a vulnerability in a smart contract is not easy, so either your technical team has low technical knowledge or there is a possibility of an internal hack. In any case, you need to study how the hack occurred to ensure that it does not happen again.
>
> The contract was audited by a reputable company, so slim chance it has any vulnerabilities, more likely an end device was hacked, but we're still trying to determine that, also, my team doesn't have low technical knowledge, I'm just conducting my own investigation to present some solutions during our meeting.

suggest you share the contract if you want more informed opinions
throwaway_help (OP)
May 19, 2022, 12:43:12 PM
 #13

>>>> is there a possibility to cancel the tokens he stole without having to migrate to a new contract?
>>>
>>> If there is a line in the smart contract that allows you to freeze funds, you will be able to do it even if the funds are in wallets. Otherwise, you will need to completely change the smart contract.
>>>
>>> Generally, finding a vulnerability in a smart contract is not easy, so either your technical team has low technical knowledge or there is a possibility of an internal hack. In any case, you need to study how the hack occurred to ensure that it does not happen again.
>>
>> The contract was audited by a reputable company, so slim chance it has any vulnerabilities, more likely an end device was hacked, but we're still trying to determine that, also, my team doesn't have low technical knowledge, I'm just conducting my own investigation to present some solutions during our meeting.
>
> suggest you share the contract if you want more informed opinions

I would be breaking my confidentiality agreement if I did so, I can't do that until the whole thing is public.
ItsNotSean
May 19, 2022, 03:04:01 PM
 #14

> The contract was audited by a reputable company, so slim chance it has any vulnerabilities, more likely an end device was hacked, but we're still trying to determine that, also, my team doesn't have low technical knowledge, I'm just conducting my own investigation to present some solutions during our meeting.

Code audits are helpful but they are by no means definitive proof of anything. More than a few projects that were audited by established and respected teams have gone on to have exploits discovered upon release.

The most recent publicised one I can think of was a critical exploit in MinSwap's smart contract(s) discovered by Wingriders (a competitor swap/dex on the Cardano network) once they went open source.