In an unexpected development, a hacker returned almost US$25 million [AU$39.55 million] in BTC and ETH to the dForce platform.
Yang said that this was through the “efforts collaboratively made by our partners, law enforcement, investors, the community, and our team members.”
Hacker returned ‘most’ of stolen funds
In total, the assets returned to the network only account for roughly $24 million – a million short of what was hacked.
According to a tweet from Lendf.Me, all the stolen funds that have been returned will be moved to a “separate recovery account” for the meantime.
Dear Users: We are about to move all hacked funds from https://t.co/XwcnxztZnW Admin to a seperate recovery account for furture distribution.
Below is the address for the recovery account: https://t.co/alxsqhIQmd
— Lendf.Me (@LendfMe) April 21, 2020
Yang took his share of responsibility for the attack:
“To say the very least, this entire ordeal has been incredibly emotional and taxing. It was personal for me on so many different levels. I will never forget this day, and I know that I need to work harder so that it never happens again.”
The next steps for Lendf.Me
According to Yang, the following steps will be taken immediately:
- Smart contracts on the Lendf.Me platform will be disabled. There will be an asset recovery login for users, which they can use to check how much their outstanding assets and liabilities are prior to the attack.
- Drafting of the asset redistribution plan will be outlined and published soon.
- Consultations with independent security experts will be conducted, including full security audits to redeploy a new decentralized money market protocol that is less vulnerable to the same attack.
On the day of the hack, Yang posted in his blog that the hackers tried to get in touch with them. Yang said:
“We are doing everything in our power to contain the situation. We have contacted law enforcement in several jurisdictions, reached out to asset issuers and exchanges to track down and blacklist the hacker(s)’s addresses, and engaged our legal teams.”
Tracking the hacker’s trails
The community is still puzzled by the motive of the hacker’s sudden return of the stolen funds.
The hacker’s address sent an empty ETH transaction to the Lendf.Me’s admin address with a note that only says “email.” Possibly, it pertains to Yang’s statement that the hacker has been reaching out to them.
According to Sergej Kunz, chief executive officer of 1inch.exchange, the hackers inadvertently revealed important details that pointed to them while they were trying to do the exchanges.
Apparently, as initial investigations revealed, the hackers were not able to completely cover their trail. The investigation found that the requests pointed to a single IP address in China.
“He seems to be a good programmer, but an inexperienced hacker,” said Kunz.