אינדקס פיננסים הבין את ההאקר שגנב 16 מיליון דולר מהפרויקט
The developers of the DeFi protocol Indexed Finance claim to have managed to find a cracker who stole about 16 million worth of crypto assets from them.
On October 15, a hacker managed to withdraw millions of dollars from the Indexed Finance protocol by using an exploit to rebalance liquidity pools. As a result, not only several index tokens of the ERC-20 standard CC10 and DEFI5 but also the FFF meta-index suffered. Due to the attack, DEFI5 collapsed by 85% within an hour after the hack from $88.7 to $3.6 per token, while CC10 lost more than 98% of its value, ending the day at $0.7 instead of $62.5.
The developers decided not to negotiate with the hacker, have put forward an ultimatum: the hacker returns the funds within the announced period, or they turn to law enforcement agencies and publish all the data they have about the attacker. There was no response to the threat, although the Indexed Finance team reported that the protocol hacker was younger than they expected.
After some time, Indexed Finance managed to contact the attacker. He wrote to them on Discord himself but soon deleted the correspondence. They also learned that this person participated in the Notion protocol audit competition conducted by Code 432n4, having successfully received from them about 8,400 USDC as a reward.
After talking with representatives of Code 432n4, the Indexed Finance team learned that the attacker also wrote to them, clarifying whether it is possible to change the address that was displayed in the list of winners of the Notion auditor competition. The main reason for this interest on the part of the hacker, according to Indexed Finance, was that the address is associated with a smart contract for money laundering by the attacker in Tornado.cash. By starting to analyze it, Indexed Finance developers were able to access the Coinbase and Binance wallets to which the cracker was sending money. Now they are waiting for feedback from the exchange representatives while trying to persuade the hacker to dialogue.
Update: we have identified the Indexed attacker and found links to exchanges. We are now presenting an ultimatum.https://t.co/6up6ekN26g— Laurence Ξ. Day (@laurence_e_day) October 16, 2021
However, while he is extremely taciturn, and 16 million dollars of Indexed Finance users are in limbo. The developers said they intend to consult with protocol teams that have previously encountered similar problems in order to build the most effective plan for returning the assets of their users.
Some members of the crypto community believe that Indexed Finance should have reconsidered the approach to understanding "hacking", saying that if someone took advantage of the imperfection of the code, whoever wrote it is to blame. Others decided that such "personnel" would not interfere with the developers themselves in their project, offering to provide the attacker with work.
Most likely, the resolution of the conflict will take place in the coming days, since Indexed Finance is not going to put up with monetary losses and the hacker will sooner or later have to contact them again.
If you decide to try your hand at the world of cryptocurrencies, do it with a trusted and reliable partner - HUOBI
CoinShark is not responsible for the content, accuracy, quality, advertising, products or any other content posted on the site. This article is for informational purposes, prepared on the basis of materials and information from open sources. Cryptocurrency is a high-risk asset, investments in it can lead to losses. Readers should do their own research before taking any action.