Cryptonews Blockchain News Cypher Protocol Loses $1 Million in Blockchain Exploit – Here’s What Happened

Cypher Protocol Loses $1 Million in Blockchain Exploit – Here’s What Happened

Sead Fadilpašić

Last updated: October 23, 2023 05:31 EDT | 2 min read

Solana-based decentralized exchange Cypher Protocol halted its smart contract following an exploit that saw an estimated $1 million stolen.

On the evening of August 7 (UTC), Cypher confirmed that there had been a security incident, saying that the team was investigating it, but without providing specific information.

The event resulted in the smart contract getting frozen, it said.

Cypher has invited the attacker to open a conversation on the next possible steps, presumably so the two parties could start negotiating the return of the stolen funds.

if you are the attacker you can reach out on email or session chat app

email: [email protected]

session id: 05acb0ff5ecb13d3e9d6e8225342994157df834f5f14ac916f2212b20539fe113d https://t.co/ZnEbJN8Kju
— cypher ©️ (@cypher_protocol) August 7, 2023

Speaking of the funds, Cypher did not say how much the incident cost it.

Yet, Solana blockchain explorer Solscan shows that the wallet presumed to be related to the incident received some SOL 38,530 (worth $892,740 at the time of writing) and USDC 123,232.

In total, this means that the attacker potentially stole $1,015,961.

Blockchain security analysts at De.Fi Security shared similar figures.

🚨 Exploit Alert 🚨

The Cypher Protocol on Solana has been attacked.

A wallet linked to the incident reportedly stolen around 38,530 $SOL and $123,184 $USDC, totaling ~$1,035,000.

🧵 Here are the details 👇 pic.twitter.com/8Yool3mTN9
— De.Fi🛡️Web3 Antivirus (@DeDotFiSecurity) August 8, 2023

Web3 security firm Beosin tweeted that the attacker’s initial funds came from crypto exchanges KuCoin and Binance.

Cypher Program on Solana was hacked with losses of ~$1M. The program has been frozen.

The stolen funds are currently held at HHm4wK91XvL3hhEC4hQHo544rtvkaKohQPc59TvZeC71.

The attacker's initial funds are from @kucoincom and @binance. https://t.co/2TYEMsnuGy pic.twitter.com/JnNirDZaHW
— Beosin Alert (@BeosinAlert) August 8, 2023

Soon after the attack, some funds have already been shifted. USDC 30,000 was moved to USDC address ‘kiing.sol’.

This was done “possibly aiming to liquidate the stolen assets,” De.Fi Security said.

This address currently holds $102.4 million in 110 tokens, including $55 million in SOL tokens and $24.25 million in USDC.

‘Give it Back, You Shitlord’

Meanwhile, people have been sending message-carrying non-fungible tokens (NFTs) to the attacker’s wallet, asking the person to return the stolen funds, or as one user put it, “give it back you shitlord.”

The attack comes during Cypher’s mtnDAO hacker house event, co-hosted with Solana trading protocol Marginfi.

Marginfi said it works independently of Cypher and has not been impacted by the exploit.

In November 2021, Cypher raised $2.1 million in a seed round co-led by Sino Global Capital, SkyVision Capital, and Blockwall Capital. It said it would use the funds to build an expiratory futures protocol on Solana.

According to DeFi Llama data, its total value locked jumped in June this year from $183,380 to $1.57 million recorded on August 3.

Meanwhile, a recent De.Fi Security’s recent report found that, in July this year, crypto lost 6 times more money than in July 2022, with $390 million stolen last month alone.

The largest exploit within the Multichain cross-chain bridge resulted in $231.1m in losses, it added.

Ethereum was the most targeted platform, seeing $350.7 million lost across 36 cases.

Binance reported a loss of $11 million across 18 cases.

4/ In terms of attack vectors, Tokens proved to be the most popular targets this month, with 39 cases reported — this is unsurprising given that tokens are easy to deploy, and prey on the fear of missing out experienced by many new crypto investors. pic.twitter.com/K2jjSPjke7
— De.Fi🛡️Web3 Antivirus (@DeDotFiSecurity) August 1, 2023

$7.6M worth of stolen funds were recovered, marking a recovery rate of 1.5%, the firm said, compared to $7.3M in 2022.

____