$25 Million In Crypto STOLEN By Hackers... Then Returned!?
A Lesson In Turning The Tables...
Decentralized cryptocurrency loan platform 'Lendf.Me' suffered a security breach earlier this year, around $25 million worth of cryptocurrency was stolen.
The full-geek explanation; an exploit in the DeFi smart contracts, specifically the callback mechanism, enabled the hacker to withdraw ERC777 tokens repeatedly, this exploit allows them to drain the account without the new balance being immediately updated and showing the theft, until it's too late.
Upon discovering this, things couldn't have looked any worse, and the CEO with no choice but to announce the news, publicly made this depressing statement:
"This attack not only harmed our users, our partners, and my co-founders, but also me personally. My assets were stolen in this attack, too. This attack was my failure. While I did not execute it, I should have anticipated it and taken actions to prevent it. My heart goes out to everyone harmed, and I will do everything in my power to make this right. I sincerely apologize to our users, to our new investors, and to my team for letting them down."
While it sounded like the company was down and out, possibly forever - this was actually just the beginning.
The site's CEO Mindao Yang wanted to try negotiating, so he had his team leave a note for the hackers on the blockchain, saying "Contact us. For your better future" along with their direct contact information.
The Counterattack...
Here's where they got it right - instantly their team sprang into action, bringing in security firm SlowMist, which specializes specifically in blockchain-based cybersecurity, along with the Singapore Police.
They then announced on their social media that the process of tracking down the hackers had begun.
While we don't know what (if anything) was left behind as far as clues that could lead to the hackers, the company began a campaign to put them in a state of paranoia, stating on their site that there were 'traces left by the hackers before and after the attack' allowing them to 'cross-check with the resources of various parties at home and abroad to obtain breakthrough clues, getting closer to the hacker'.
At the same time, they began contacting other exchanges and making them aware of the hack, getting them to blacklist, and freeze any wallets receiving the stolen coins. If they can't trade the coins - they're worthless.
The Hackers Couldn't Take The Heat...
The stress was too much, this wasn't going to be the easy payday that they planned on. The combination of a security firm in the process of tracking them down, and the coins becoming hard to spend as more exchanges blacklisted them, led the hackers to decide it just wasn't worth it anymore.
They began returning *some* of the stolen crypto, hoping to meet in the middle and still walk away with some profit. Then, something must have really spooked them - the following day they sent back everything they had left.
Nearly All Of the $25 Million Was Recovered...
While the company stated 'all' the assets had been recovered, we were only able to verify $24 of the original $25 million as being returned. But we won't bother getting hung up on a $1 million loss, compare to how this story started - this is a win.
Any users with funds stolen have been promised 100% will be returned.
The company is now bringing in 3rd party experts to both analyze what went wrong, and what needs to be done to fortify their security in the future.
As for the hackers, and likely part of the deal: the company has withdrawn their request to press charges with the Singapore Police.
------
Ross Davis is the Editor In Chief at the Crypto Press Association, overseeing a global team covering everything related to cryptocurrency and blockchain technology.
Twitter: @RossFM
-------
About the Creator
Ross Davis
● San Francisco's Award Winning Broadcaster
● Syndicated Journalist @ Google News, Apple News
● Editor At Large @ the Global Crypto Press Association, Silicon Valley
Keep reading
More stories from Ross Davis and writers in The Chain and other communities.
Blockchain In Chains: How The US Gov Lost A Multi-Billion Dollar Industry...
In the 90's American investors became rich investing in any company with ".com" in it's name. Did the company need to be making a profit? Nope. Did they need a plan to eventually make a profit? Again, no. But that didn't stop a company from being valued at $50 million.
By Ross Davis4 years ago in The Chain
Revenue and Profitable streams of Decentralized Exchange like Uniswap
Creating a Uniswap clone app can be a profitable venture, leveraging the decentralized finance (DeFi) space. Uniswap is a decentralized exchange (DEX) that allows users to swap various cryptocurrencies directly from their wallets without intermediaries. Here's an overview of potential revenue streams and the profitability considerations for creating a Uniswap clone app
By flynnrider5 days ago in The Chain
The Rise of HamiCoin
In the ever-evolving world of cryptocurrencies, where serious financial instruments often dominate the conversation, a new contender has emerged that blends humor with strategic brilliance. Hami Coin, a cryptocurrency featuring the face of an adorable hamster, has defied expectations to become a meme coin sensation, now worth over a million dollars. While it may initially sound like a prank, Hami Coin's success story is anything but a joke. This quirky coin has captured the hearts and wallets of investors worldwide, thanks to meticulous planning, a clear vision, and a hefty dose of humor.
By Amal Prince7 days ago in The Chain
Comments
There are no comments for this story
Be the first to respond and start the conversation.