On Sunday, April 19, 2020, Mindao Yang, the founder of dForce, explained a hack that had targeted the crypto exchange via a medium post. However, the hacker appears to have had a change of heart and returned all the stolen crypto two days later.
The dForce exchange is a Chinese crypto exchange that allows its users to exchange crypto with each other. According to the founder, the attacker withdrew the funds by hacking the system and tricking the system into reporting false increases in the amount of crypto held before withdrawing all the accounts before the balance was updated. The hack was explained in detail via a medium post by PeckShield.
Hacker Makes Contact
In the medium post, Yang said that the hacker had been trying to reach out to dForce. He added that they intended to engage them in discussions. The founder also said that they were doing everything they could to get a hold of the situation. Yang revealed that the hacker did not just harm dForce users, their partners, and his co founders, the attack personally harmed him since he lost crypto assets in the hack.
Hacker Returns the Loot
Two days later, Yang posted another medium post in which he gave an update on the situation. He explained that the hacker had returned nearly all the coins. According to him, this had been made possible due to a combined effort by law enforcement, the dForce community, the partners, and the dForce team. In his post, he promised he would provide more details later.
It has been widely reported that the hacker first returned $2.79 million on April 20, 2020, before he returned the rest on April 21, 2020. All the funds were returned in the same cryptocurrency they were stolen in.
According to the CEO of the 1inch.exchange, the hacker returned all the funds because they shared his IP address with Singaporean authorities. He added that they received a request from Singapore police and they were working with them to help dForce recover the funds. According to him, besides the IP address, they also delivered other metadata information, which was made easier by the hacker using their CDN.
New Measures Put in Place
In his April 21 Medium post, Yang explained that several measures were being put in place with immediate effect. Firstly, all Lendf.Me smart contracts would remain disabled and they will be permanently deprecated. He added that they would set up an asset recovery login on Lendf.Me and users would be able to use their current addresses to login and check their assets up until all activities were paused after the April 19 hack.
Additionally, they would engage the best third-party security consultants to help them conduct a full audit. It would enable them to fortify the security of the platform. He added that in the future, they would introduce a rigorous process before they added assets into the ecosystem. Yang also promised to provide a more detailed post on the actions they intend to take in the future.
The return of the crypto assets shows that with quick action and collaboration by all parties in the crypto world and law enforcement, bad actors can be stopped. It is quite clear that the risk of being apprehended scared off the hacker. Right now, it is unclear if the authorities intend to pursue and apprehend the hacker.
Image Source: Pixabay