Cypher Protocol, a Solana-based futures DEX, has been forced to pause its smart contract in the wake of an exploit that resulted in a loss of more than million. The Why Late last night, Cypher’s devs announced that they had suffered a “security incident”, resulting in the need to pause their smart contract until a post-mortem was carried out. An appeal to the hacker was also made, promising a discussion on the next steps should the bad actor care to reply. Cypher has has experienced an exploit/security incident. The smart contract has been frozen. The team is currently working with individuals and investigating To the hacker: We are writing to see whether you would be open to speaking with us about any potential next steps. — cypher ©️ (@cypher_protocol) August 7,
Topics:
George Georgiev considers the following as important: AA News, crypto scams, Hacking, security
This could be interesting, too:
Wayne Jones writes Bad News for Crypto? Elizabeth Warren to Succeed Sherrod Brown on House Banking Committee
Martin Young writes Ethereum’s Modular Strategy: Short-Term Pain, Long-Term Gain, Says Research
Wayne Jones writes DOJ Seeks M in Crypto from Binance Over FTX Bribery Allegations Involving SBF
Chayanika Deka writes Bitcoin Wallet Awakens After 13 Years, Transfers .67M Amid Market Surge
Cypher Protocol, a Solana-based futures DEX, has been forced to pause its smart contract in the wake of an exploit that resulted in a loss of more than $1 million.
The Why
Late last night, Cypher’s devs announced that they had suffered a “security incident”, resulting in the need to pause their smart contract until a post-mortem was carried out. An appeal to the hacker was also made, promising a discussion on the next steps should the bad actor care to reply.
Cypher has has experienced an exploit/security incident. The smart contract has been frozen.
The team is currently working with individuals and investigating
To the hacker: We are writing to see whether you would be open to speaking with us about any potential next steps.
— cypher ©️ (@cypher_protocol) August 7, 2023
The exchange’s mission, which is proudly stated in Cypher Protocol’s Twitter bio, was also cause for mirth.
However, the irony doesn’t stop there. It turns out that the hack occurred during mtnDAO, a hackathon co-hosted by Cypher Protocol and Marginfi, another Solana-based project.
It appears we have a winner – although not by popular vote.
The exploit drained over 38k SOL tokens and more than 123k USDC, adding up to a total of $1,035,203 in ill-begotten gains.
In a rather perplexing move for the hacker, Binance and KuCoin were chosen for cashing out. By choosing big exchanges with robust cybersecurity teams instead of the well-known crypto mixer route, the hacker runs a much bigger risk of being caught. However, it’s also possible that the exploit was carried out as an impromptu addition to the hackathon. If the funds are meant to be returned, anonymity may not matter to the exploiter as much.
Alternatively, the attack may have been carried out by someone in a country who does not cooperate with Western law enforcement, in which case ease of access to liquidity provided by big CEXs may be the only thing that matters.
Reaching Out Via NFTs.
Since the attack, users have been reaching out to the hacker by sending NFTs with brisk messages to the address involved.
Some of these messages are simple appeals to morality.
“Seriously though, you used Binance and KuCoin to fund and to try and get 30k out. People will find you. Please do the right thing and give the rest back.”
However, other users opted for a terser “Give it back, you sh*tlord”.
Although the size of the exploit is dwarfed by previous attacks on the Solana network, a hack of this size can be a sink-or-swim deal for smaller projects like Cypher Protocol. It remains to be seen what the devs uncover about the attack and if a recovery is possible.