Home Coin news Seneca Hacker Returns $6 Million Stolen Crypto

Seneca Hacker Returns $6 Million Stolen Crypto

01 Mar, 2024 Coin news

Seneca Hacker Returns $6 Million Stolen Crypto

The stablecoin protocol Seneca has proposed a 20% reward to the individual who managed to illicitly access at least $6.4 million in digital assets by exploiting a flaw in the approval mechanism of the protocol’s smart contract.

On February 28, several blockchain security companies identified the security breach within the stablecoin protocol.

Firms such as CertiK alerted users to the breach, advising them to withdraw approvals from an address associated with the Ethereum and Arbitrum networks.

The initial damage was believed to be around $3 million, but further investigation revealed that the breach resulted in the loss of over 1,900 Ether, valued at approximately $6.4 million.

CertiK’s security analysts pointed out that the breach was caused by a severe vulnerability in the smart contract's “call” function.

Joe Green, leader of CertiK's rapid response team, shared with Cointelegraph that this flaw permitted the hacker to make unauthorized external calls to any address, thereby transferring assets directly to themselves from addresses that had given permissions to the compromised contracts

.

Green emphasized the importance of scrutinizing external calls, especially during contract upgrades, suggesting that a contract's security at launch could be compromised by subsequent modifications.

He illustrated this with “A entrusts B; B entrusts C; C entrusts D, but a new upgrade may break when A is not supposed to trust D.”

Seneca announced it is engaging experts to delve into the incident and has put forward a $1.2 million bounty for the retrieval of the pilfered funds.

In a public message on February 29, Seneca requested the perpetrator to return 80% of the looted assets to a designated Ethereum address, offering to let the hacker retain 20% of the haul.

In its appeal, Seneca mentioned its collaboration with security firms and law enforcement to track the stolen assets, pressing the hacker to return the funds promptly to circumvent legal repercussions.

“Acting promptly is crucial, so we kindly request that you return the funds as soon as possible to avoid any further legal action,” stated the message from Seneca.

Shortly after issuing this plea, the hacker returned approximately 1,537 ETH, worth about $5.3 million, to the address specified by Seneca.

The offender kept 300 ETH, equivalent to about $1 million, thereby accepting the 20% bounty Seneca had proposed, and then dispersed the remaining ETH to two other addresses.

Sources:

https://cointelegraph.com/news/seneca-hacker-returns-stolen-funds-exploit

https://twitter.com/CertiKAlert/status/1762871285036511328

https://twitter.com/spreekaway/status/1762857769714012217

https://twitter.com/SenecaUSD/status/1762886130561630227

https://twitter.com/SenecaUSD/status/1762999045109248461

https://twitter.com/PeckShieldAlert/status/1763109818766946512

Back to Coin news
Related articles
Bitcoin Surpasses 65 Million Ordinals Inscriptions

Coin news

Bitcoin Surpasses 65 Million Ordinals Inscriptions

Bitcoin Surpassed $72,000 Despite $102 Million Shorts

Coin news

Bitcoin Surpassed $72,000 Despite $102 Million Shorts

PayPal Stablecoin Circulation Dropped 38% in March

Coin news

PayPal Stablecoin Circulation Dropped 38% in March

Polkadot Active Addresses Hit Record 600,000

Coin news

Polkadot Active Addresses Hit Record 600,000

Don’t miss any crypto news

Subscribe to our Newsletters - the best way to stay informed about the crypto world. No spam. You can unsubscribe anytime.

By sharing your email, you consent to receiving BITmarket’s newsletter. Read how we process your data in our Privacy policy

You’ve made us very happy 😊

Subscribe to our Newsletters - the best way to stay informed about the crypto world. No spam. You can unsubscribe anytime.

Something went wrong 😔

If your problem persists please try contact our support