dForce founder Mindao Yang has said that hackers who stole the firm’s assets worth $25 million have started reaching out for a possible negotiation.
Yang in a release detailing how everything transpired, hinted at the new development. However, based on information relayed by experts, it appears the hackers are already returning the fund.
Although less was said of the firm’s sudden relationship with the hackers after they carted away with 99.9% of the firm’s wealth, effort is being made with the help of security firms and agents to get the fund returned.
The attack comes a few days after dForce perfected a funding round that was led by MultiCoin Capital, with participation from CMBI and Huobi Capital.
Shortly after, dForce’s lending platform lendf.me, reported to be a fork of Compound v1 code, got attacked by the said hacker.
As revealed, attackers used fake collateralized imBTC to exchange for Ethereum and moved the fund from dForce to Compound and Aave. The attack has put Yang in a state of devastation after learning about the attack around 9:15 am (UTC+8) via the platform’s internal monitoring system.
Yang and other team members had to pull down Lendf.Me and USDx to get acquainted with what led to the incident.
“The situation is evolving, and we’re learning more every minute, however, it appears the hacker(s) have concluded their attack,” Yang said in a blog post.
According to him, the faceless hackers exploited the loopholes within the ERC777 standard of imBTC to achieve a reentrancy attack.
The callback mechanism of ERC777 (imBTC), according to him, gave the hackers the avenue to make the withdrawal of imBTC repeatedly before the balance was updated. His statement is backed by the analysis from PeckShield.
Hackers Attempting to Contact
Meanwhile, to allay the fear of users of the platform, Yang said the hackers are now attempting to contact him, and they are ready to enter into discussions with them as soon as possible.
“The hacker(s) have attempted to contact us and we intend to enter into discussions with them.”
Beyond that, Yang said law enforcement agents have been contacted on the issue. Also, asset issuers and exchanges have been told to blacklist the hackers’ addresses.
Funds Being Returned?
It seems the said hackers are already returning the fund, information revealed by a pseudonymous crypto observer Frank Topbottom has shown. It seems dForce has already negotiated with the hackers as there are now indications the funds are being returned.
Looks like the “attacker” has negotiated with dForce team to start returning assets that he can’t possibly use because they are centrally issued and already blacklisted at the only place where they can be swapped. Huobi BTC is an ERC-20 wrap of BTC only redeemable at Huobi https://t.co/TvXXI6ItKg
— Larry Cermak (@lawmaster) April 19, 2020