Amazing reversal! Hackers successfully steal $25 million from dforce and return it in full

Time:2021-1-15

Amazing reversal! Hackers successfully steal  million from dforce and return it in full

Technical editor: Zong enli from sifou newoffice
SegmentFault has he reported the official account number: SegmentFault


According to foreign media, nearly 25 million US dollars of assets were stolen from dforce, but then hackers returned almost all the funds to dforce, except for the loss of 1.2 million US dollars due to the conversion fee.

Dforce is a blockchain based decentralized Finance (defi) and currency protocol platform, which provides the underlying infrastructure for open financial applications. It supports multi asset demand deposits and real-time loans, and dynamically adjusts interest based on market supply and demand.

What happened

Yang mindao, founder of dforce, wrote in the early morning of April 19 that hackers used the erc777 contract vulnerability of imbtc to implement reentry attacks, Lendf.Me About $25 million was lost.

On April 20, based on the traces left by hackers before and after the attack, the security team successfully determined the accurate hacker portrait, and began to cross compare with domestic and foreign resources to obtain breakthrough clues, getting closer and closer to hackers.

At 13:33 on April 21, under heavy pressure, hackers actively communicated with dforce and began to return some assets. After continuous communication, all assets were recovered successfully.

In an updated blog post on the 22nd, Yang mindao, founder of dforce, wrote:

I am pleased to report that almost all stolen funds have been recovered through the joint efforts of our partners, law enforcement, investors, the community and team members. At present, the relevant work is still in progress, so no more details can be provided. But I will definitely update it in future posts.

Larry cerma K, the research director of the block, made a detailed statistics on the return of assets by hackers

57, 992 eth, 252347 imbtc, 42562 MKR, 5178.2 link, 39968.3 KNC, 110383.27 bat, 1817.7 HT and 38180 Land (about 1020 US dollars) and stable currencies including usdt, Dai, Pax, etc. totaled 9.46 million US dollars. The return of assets totalled $23.8 million, down from about $25 million at the time of theft, which may be related to the decline in the market.