As reported by CoinDesk, a hack on the decentralized finance (DeFi) protocol saw $25 million in cryptocurrencies exit its wallets over three hours on April 19. Curiously, the assets were returned two days later, for reasons that weren’t made fully clear.
Digital assets stolen in a hack on crypto lending platform dForce last week have been returned to customers.
Most of the funds have now been used to pay back all users who’d lost crypto in the attack, according to a Monday announcement by dForce.
“Over 90 percent of assets have been distributed to users in less than 24 hours. 100 percent users have been made whole in the recovery. We will disclose more future actions shortly,” the company tweeted.
CEO Mindao Yang said in a blog post
a week ago that the funds had been “recaptured through the efforts collaboratively made by our partners, law enforcement, investors, the community, and our team members.”
In another Medium post on Sunday, the company explained how it has been working since April 25 to audit asset data with a third party and establish a risk management procedure for the redistribution of customer’s funds.
Additionally, the company had been working to develop an “Asset Recovery System” to enable the smooth transition of users assets back to their MetaMask wallets, as well as finalizing a post-asset-redistribution action proposal to its community.
“Following the return of the stolen funds, all assets have been stored in a cold wallet. The funds are secure, and we’re eager to return them,” the company said at the time.
DForce also indicated it has rebalanced most of the portfolio back to the last state prior to the Lendf.me smart contract being hacked and “indefinitely paused” the contract.
As recently as April 14, the dForce Foundation closed a $1.5 million strategic round led by Multicoin Capital and joined by Huobi Capital and Chinese bank CMB International. The funds were to be used to grow its team and launch additional DeFi products in the coming year.
dForce Hacker Returns Almost All of Stolen $25M in Crypto
The hacker that drained $25 million in cryptocurrency from decentralized finance protocol dForce over the weekend has sent back almost all the stolen assets.
According to data visible on the Ethereum blockchain, multiple transactions were initiated from 6:00 UTC on Tuesday from an address labelled “Lendf.Me Hack” to the admin address for the Lendf.Me project.
The transactions included some extremely large amounts, such as one for 57,992 ether (ETH), the native cryptocurrency of the Ethereum blockchain – an amount worth around $10 million at press time.
Additional transactions involved various U.S. dollar-linked stablecoins – such as USDT, BUSD, TUSD, DAI, USDC, HUSD and PAX – totaling nearly $10 million.
Further, a total of 581 units of WBTC, HBTC and imBTC – ethereum tokens that peg to bitcoin as an underlying collateral – have also been returned. The sum of these is worth around $4 million at bitcoin’s current price.
Curiously, the hacker did not return exactly the same balance of assets as were stolen, but returned some of the value in other types of tokens. All told, however, they handed back crypto assets worth roughly $24 million as of press time.
It’s unknown at this stage why the hacker didn’t simply return the assets that were stolen, or indeed why they were returned at all.
Lendf is one of two protocols supported by the dForce Foundation. It saw $25 million in cryptocurrencies exit its wallets over three hours on Sunday morning Asia time.
The dForce Foundation recently received a $1.5 million strategic investment led by Multicoin Capital and joined by Huobi Capital and Chinese bank CMB International (CMBI), with a goal to grow the foundation’s staff and to launch additional DeFi products in the coming year.