In a decisive move against cyber theft, Cypher Protocol, a decentralized futures exchange operating on the Solana blockchain, has successfully frozen over half of the funds stolen in a recent security breach. As of August 18, nearly $600,000 in cryptocurrency has been frozen, which had been unlawfully taken from various centralized exchanges.
The security breach occurred on August 7th, leading to a loss of approximately $1 million across a range of cryptocurrency assets, including USDT, SOL, wETH, and several other altcoins. The protocol had to pause its smart contracts in response to the incident.
Cypher Protocol takes swift action
Cypher Protocol’s team acted swiftly, partnering with numerous independent blockchain investigators to freeze the stolen funds. The return of these funds is contingent on the collaboration of the centralized exchanges involved and law enforcement authorities issuance of seizure warrants.
The attacker exploited code vulnerabilities using multiple accounts to drain an estimated $1 million in various crypto assets. Blockchain security firm Halborn explained that the vulnerabilities prevented proper tracking of isolated sub-accounts and insufficient margin checks before borrowing.
To recover the stolen funds, Cypher extended a white hat bounty of 10%, amounting to approximately $120,000, to the contracted hackers. However, the hackers did not meet the stipulated deadline for returning the funds.
A redemption plan and socialized losses policy for affected users
In response to the failure to recover the stolen funds, Cypher formulated a redemption plan and introduced a “socialized losses policy” to allocate the remaining assets to affected users. A redemption package with protocol assets will be distributed pro rata based on user share. The value used for redemption in relation to a margin account will be based on a snapshot of the account’s assets when Cypher protocol was frozen, totaling around 31 cents on the dollar.
Cypher’s latest statement expressed gratitude to blockchain sleuth ZachXBT, highlighting his invaluable contribution to the Cypher team and his role in the initial freezing of funds across multiple centralized exchanges (CEXs).
The Cypher Protocol’s exploit is not the largest so far in August, coming in third according to the REKT database. DeFi protocol Zunami suffered a $2.1 million flash loan attack on August 13, and leveraged yield aggregation platform Steadefi was exploited for $1.1 million on August 7.
The Cypher Protocol’s successful freezing of stolen funds illustrates the importance of collaboration and swift action in the face of security breaches.