Key takeaways:
- Cypher Protocol has frozen $600,000 worth of cryptocurrency obtained through a security flaw on August 7.
- The team contacted the hacker on August 10 after offering a 10% white hat bounty worth about $120,000.
Cypher Protocol, a decentralized futures exchange based in Solana, has been able to freeze $600,000 worth of cryptocurrency that was obtained through a security flaw on August 7.
On August 18, Cypher Protocol revealed on X (formerly Twitter) that, with the aid of multiple independent blockchain investigators, more than half of the stolen assets had been successfully frozen across centralized exchanges. It read:
“The return of these funds will be predicated on the cooperation of these CEXs and seizure warrants being issued by law enforcement,”
On August 7, Cypher was attacked for about $1 million, so the protocol stopped executing its smart contracts.
Through primary accounts with numerous cross-collateralized sub-accounts, the DeFi exchange allows lending and borrowing.
However, insufficient margin checks before borrowing were made impossible by the vulnerabilities, according to blockchain security firm Halborn.
The attacker stole an estimated $1 million in several crypto assets, including USDT, USDT, SOL, wETH, and a few other cryptocurrencies, using multiple accounts to take advantage of these coding vulnerabilities.
The team was able to get in touch with the hacker on August 10 after offering a 10% white hat bounty worth about $120,000.
According to the protocol, the hacker missed the deadline to return the money two days later, which then made the bounty available to the general public. Additionally, they made hints that they knew the exploiter’s partial identity.
To transfer remaining assets to impacted users, Cypher established a redemption plan and “socialized losses policy” on August 16. According to user share, a redemption package containing protocol assets will be distributed proportionally.
In its most recent statement, Cypher hailed blockchain investigator ZachXBT and said that he had been crucial to the team’s efforts in freezing cash across several CEXs and helping to find the attacker.
Leveraged yield aggregation platform Steadefi was exploited for $1.1 million on August 7, and DeFi protocol Zunami was subject to a $2.1 million flash loan assault on August 13.
