Hackers gained access to $1M in crypto but ‘forgot’ to withdraw
Were they too excited and just forgot? Or did they just point to an exploit? Guess we’ll never know for sure.
An interesting event occurred today with the DeFi project Zeed. Unidentified hackers almost stole $1 million worth of crypto but didn’t transfer money to their wallets.
Hackers penetrated the defenses of an "autonomous decentralized financial integrated ecosystem" on the BNB chain and found the vulnerability. They then minted extra rewards in the protocol and sold them on the market.
As a result, the price of the native token of the network – YEED – dropped to zero. Up to this point, this was a classic story of hacking the crypto project. All there was left to do is get away with the money. An easy task, right?
But shortly after selling the rewards hackers just deleted the contract used in the exploit. Meaning that all the tokens held by this contract became useless. No one can transfer them anywhere anymore. In other words, this $1M in crypto is lost forever.
As blockchain security firm BlockSec speculates, the hackers were overly happy by the fact they managed to find an exploit, they simply forgot to withdraw:
"Interestingly, the attacker does not transfer the obtained tokens out before self-destructing the attack contract. Probably, he/she was too excited."
Source: BlockSec
7 comments