Wednesday, December 25, 2024

Cypher Protocol Loses $1 Million in Blockchain Exploit – Here’s What Happened

Author: CoinSense

Solana-based decentralized exchange Cypher Protocol halted its smart contract following an exploit that saw an estimated $1 million stolen.

On the evening of August 7 (UTC), Cypher confirmed that there had been a security incident, saying that the team was investigating it, but without providing specific information. 

The event resulted in the smart contract getting frozen, it said.

Cypher has invited the attacker to open a conversation on the next possible steps, presumably so the two parties could start negotiating the return of the stolen funds. 

Speaking of the funds, Cypher did not say how much the incident cost it.

Yet, Solana blockchain explorer Solscan shows that the wallet presumed to be related to the incident received some SOL 38,530 (worth $892,740 at the time of writing) and USDC 123,232. 

In total, this means that the attacker potentially stole $1,015,961. 

Blockchain security analysts at De.Fi Security shared similar figures. 

Web3 security firm Beosin tweeted that the attacker’s initial funds came from crypto exchanges KuCoin and Binance.

Soon after the attack, some funds have already been shifted. USDC 30,000 was moved to USDC address ‘kiing.sol’. 

This was done “possibly aiming to liquidate the stolen assets,” De.Fi Security said

This address currently holds $102.4 million in 110 tokens, including $55 million in SOL tokens and $24.25 million in USDC.

‘Give it Back, You Shitlord’

Meanwhile, people have been sending message-carrying non-fungible tokens (NFTs) to the attacker’s wallet, asking the person to return the stolen funds, or as one user put it, “give it back you shitlord.” 

The attack comes during Cypher’s mtnDAO hacker house event, co-hosted with Solana trading protocol Marginfi

Marginfi said it works independently of Cypher and has not been impacted by the exploit.

In November 2021, Cypher raised $2.1 million in a seed round co-led by Sino Global Capital, SkyVision Capital, and Blockwall Capital. It said it would use the funds to build an expiratory futures protocol on Solana.

According to DeFi Llama data, its total value locked jumped in June this year from $183,380 to $1.57 million recorded on August 3. 

Source: DeFiLlama

Meanwhile, a recent De.Fi Security’s recent report found that, in July this year, crypto lost 6 times more money than in July 2022, with $390 million stolen last month alone.

The largest exploit within the Multichain cross-chain bridge resulted in $231.1m in losses, it added.

Ethereum was the most targeted platform, seeing $350.7 million lost across 36 cases. 

Binance reported a loss of $11 million across 18 cases.

$7.6M worth of stolen funds were recovered, marking a recovery rate of 1.5%, the firm said, compared to $7.3M in 2022.

____

Learn more:

– Curve Price Prediction as CRV Rallies on Hopes Hacker Will Return Funds – Here’s Why CRV’s Outlook Remains Murky
– Tech Entrepreneur Ilya Lichtenstein Admits to Masterminding $4.5 Billion Bitcoin Heist

Over $204 Million Lost to DeFi Hacks and Scams in Q2
– Ethereum Users Propose ERC 7265 to Thwart DeFi Hacks – How Does it Work?

Solana-based decentralized exchange Cypher Protocol halted its smart contract following an exploit that saw an estimated $1 million stolen.

On the evening of August 7 (UTC), Cypher confirmed that there had been a security incident, saying that the team was investigating it, but without providing specific information. 

The event resulted in the smart contract getting frozen, it said.

Cypher has invited the attacker to open a conversation on the next possible steps, presumably so the two parties could start negotiating the return of the stolen funds. 

Speaking of the funds, Cypher did not say how much the incident cost it.

Yet, Solana blockchain explorer Solscan shows that the wallet presumed to be related to the incident received some SOL 38,530 (worth $892,740 at the time of writing) and USDC 123,232. 

In total, this means that the attacker potentially stole $1,015,961. 

Blockchain security analysts at De.Fi Security shared similar figures. 

Web3 security firm Beosin tweeted that the attacker’s initial funds came from crypto exchanges KuCoin and Binance.

Soon after the attack, some funds have already been shifted. USDC 30,000 was moved to USDC address ‘kiing.sol’. 

This was done “possibly aiming to liquidate the stolen assets,” De.Fi Security said

This address currently holds $102.4 million in 110 tokens, including $55 million in SOL tokens and $24.25 million in USDC.

‘Give it Back, You Shitlord’

Meanwhile, people have been sending message-carrying non-fungible tokens (NFTs) to the attacker’s wallet, asking the person to return the stolen funds, or as one user put it, “give it back you shitlord.” 

The attack comes during Cypher’s mtnDAO hacker house event, co-hosted with Solana trading protocol Marginfi

Marginfi said it works independently of Cypher and has not been impacted by the exploit.

In November 2021, Cypher raised $2.1 million in a seed round co-led by Sino Global Capital, SkyVision Capital, and Blockwall Capital. It said it would use the funds to build an expiratory futures protocol on Solana.

According to DeFi Llama data, its total value locked jumped in June this year from $183,380 to $1.57 million recorded on August 3. 

Source: DeFiLlama

Meanwhile, a recent De.Fi Security’s recent report found that, in July this year, crypto lost 6 times more money than in July 2022, with $390 million stolen last month alone.

The largest exploit within the Multichain cross-chain bridge resulted in $231.1m in losses, it added.

Ethereum was the most targeted platform, seeing $350.7 million lost across 36 cases. 

Binance reported a loss of $11 million across 18 cases.

$7.6M worth of stolen funds were recovered, marking a recovery rate of 1.5%, the firm said, compared to $7.3M in 2022.

____

Learn more:

– Curve Price Prediction as CRV Rallies on Hopes Hacker Will Return Funds – Here’s Why CRV’s Outlook Remains Murky
– Tech Entrepreneur Ilya Lichtenstein Admits to Masterminding $4.5 Billion Bitcoin Heist

Over $204 Million Lost to DeFi Hacks and Scams in Q2
– Ethereum Users Propose ERC 7265 to Thwart DeFi Hacks – How Does it Work?