In an X (Twitter) post on Aug. 18, Cypher Protocol reported that more than half of the funds stolen have been successfully frozen across centralized exchanges with the help of several independent blockchain investigators.
“The return of these funds will be predicated on the cooperation of these CEXs and seizure warrants being issued by law enforcement,” it said.
update from cypher
~$600k has been frozen across CEXs, the return of these funds will be predicated on the cooperation of these CEXs and seizure warrants being issued by law enforcement
— cypher ©️ (@cypher_protocol) August 17, 2023
Cypher was exploited on Aug. 7 for around $1 million resulting in the protocol halting its smart contracts.
The DeFi exchange enables lending and borrowing through primary accounts with multiple cross-collateralized sub-accounts. However, the vulnerabilities prevented proper tracking of isolated sub-accounts and insufficient margin checks before borrowing, explained blockchain security firm Halborn.
On Aug. 10, the team managed to make contact with the hacker after it had offered a 10% white hat bounty worth around $120,000.
Two days later, the protocol said the hacker had missed the deadline to return the funds and opened the bounty up to the public. They also hinted at knowing the partial identity of the exploiter.
The reward bounty is now open to the public pic.twitter.com/fEIiQ8rTKN
— cypher ©️ (@cypher_protocol) August 12, 2023
On Aug. 16, Cypher announced a redemption plan and “socialized losses policy” to distribute remaining assets to affected users. A redemption package with protocol assets will be distributed pro rata based on user share, it stated.
“The value used for redemption in relation to a margin account will be based on a snapshot of the account’s assets at the time Cypher protocol was frozen,” totaling around 31 cents on the dollar it added.
In its latest statement, Cypher thanked blockchain sleuth ZachXBT, adding “he was invaluable to the Cypher team and the main contributor in the initial freezing of funds across multiple CEXs, and also aided in tracking the attacker.”
Cointelegraph reached out to ZachXBT for comment but had not heard back at the time of writing.
According to the De.Fi Rekt database, the Cypher exploit was not the largest so far in August, coming in third.
DeFi protocol Zunami suffered a $2.1 million flash loan attack on Aug. 13 and leveraged yield aggregation platform Steadefi was exploited for $1.1 million on Aug. 7.