From Binance to DeFi: Hacks, Bounties and Anonymous Security

A recurring problem in crypto has been wallet hacks, with some incidents connected to large platforms, and some enormous sums of money being stolen in the form of crypto assets. Despite high profile cases, it remains to be seen how this problem will be addressed, but with institutions entering and regulatory compliance a priority, it seems unlikely that such a situation can be allowed to continue.

Crypto Hacks 2016 - 2022

Data and Image From Chainalysis

Binance-Linked Wallet Hacked

It was widely reported earlier this month that a crypto wallet had been hacked for a total of around $27 million worth of USDT (that’s the Tether stablecoin), and what was notable, besides the large numbers, was a connection with the exchange Binance.

The stolen funds had been withdrawn from Binance, and according to on-chain data, the wallet that was hacked could be connected back to a Binance deployer wallet, via a transaction from 2019.

While this suggests a connection between Binance and the victim of the hack, the exchange has not provided further information about this apparent link, and there have been no further updates regarding the findings of the Binance security team, which, according to an earlier comment from a Binance spokesperson, was “looking into the matter.”

This reflects the way crypto has operated up to now, with security breaches a part of the landscape, but wider, significant shifts may be occurring.

This week, Binance was hit with a $4.3 billion fine from the Department of Justice, while the Founder, Changpeng Zhao, stepped down from his position as CEO and pled guilty to felony charges. These developments mean that Zhao is prohibited from operational involvement in Binance for a period of three years and that the exchange will be overseen by an independent compliance monitor.

When it comes to centralized exchanges, regulatory compliance may be coming to the fore.

The Poloniex Hack

Not long before news of the Binance-connected wallet hack, there was another significant breach at the Poloniex exchange, which is well known partly due to the Founder of Tron, Justin Sun, becoming a major investor in 2019.

Last month, Poloniex was hacked for around $125.6 million worth of tokens, with funds being drained mainly across three networks: Ethereum, Tron, and Bitcoin. In response to this, the platform offered a 5% bounty to the hacker, in exchange for the funds being returned.

Then, following on from that, Poloniex this week announced that it had traced the identity of the hacker, and posted an on-chain message to the alleged culprit, in fifteen languages, conveying that a final $10 million bounty was on offer. This comes with a November 25th deadline, after which it’s stated that law enforcement will become involved.

It’s a thrilling turn of events worthy of a Netflix drama but has been met with some skepticism within the online crypto community, who question the veracity of what’s occurring.

👀👀👀It seems promising progress in tracking @poloniex stolen funds. @justinsuntron The whitehat reward of $10m is being offered. https://t.co/vWYgyYbEYs pic.twitter.com/6hZx72Buu2

— PeckShield Inc. (@peckshield) November 18, 2023

dYdX and Curve Offer Bounties

The use of bounties to track wrongdoers is not new, as demonstrated earlier this month by dYdX. However, in this case, the issue was not a hack, but rather, allegations of price manipulation, as it appears that through the dYdX decentralized trading platform, the price of Yearn Finance’s YFI token was manipulated, leading to losses of around $9 million from the dYdX insurance fund.

This has led to dYdX announcing that bounties are on offer to anyone who can substantially assist in finding the alleged market manipulator, although the matter is yet to be resolved.

On-chain messages are another recurring theme, as occurred after Curve Finance was hacked for around $73 million at the end of July, an attack also resulting in losses for both the Metronome and Alchemix DeFi platforms through their liquidity pools on Curve.

A 10% bounty and an offer not to have law enforcement involved were promised to the hackers, in exchange for the return of the stolen crypto assets, but the DeFi trio declared to the hackers that if the deal was not taken, “we will pursue you from all angles with the full extent of the law.”

It appears that the bounty, along with efforts by white hat hackers, was only partly effective, but nonetheless enabled the recovery of a reported 73% of the lost assets.

Decentralized Reactions to Decentralized Problems

Perhaps even more so than on centralized platforms, in the world of decentralized finance, hacks seem to be tolerated as an occupational hazard, while the use of bounties to assist in the recovery of funds is an accepted strategy, and white hat hackers sometimes play a critical role.

It’s arguable that offering bounties to hack perpetrators themselves may act as an incentive to attackers, but the alternative take is that such tactics are simply implementing what’s most effective according to the operational conditions. And, relatedly, we can find anonymous on-chain experts formalizing their solutions, as highlighted when Alchemix announced that it had partnered with an organization called Ogle Security Group, which had assisted in recovering some of the funds drained in the Curve hack.

Following their exceptional contribution towards recovering funds from the recent @CurveFinance exploit, we are proud to announce our partnership with @cryptogle / Ogle Security.

This partnership represents one of multiple new systems being implemented to equip us with the best…

— Alchemix (@AlchemixFi) November 20, 2023

Ogle’s self-declared mission is “to track down bad guys and return stolen crypto funds.” This straightforward approach appears to offer what is, essentially, an unregulated environment and a valuable and in-demand service.

A recurring problem in crypto has been wallet hacks, with some incidents connected to large platforms, and some enormous sums of money being stolen in the form of crypto assets. Despite high profile cases, it remains to be seen how this problem will be addressed, but with institutions entering and regulatory compliance a priority, it seems unlikely that such a situation can be allowed to continue.

Crypto Hacks 2016 - 2022

Data and Image From Chainalysis

Binance-Linked Wallet Hacked

It was widely reported earlier this month that a crypto wallet had been hacked for a total of around $27 million worth of USDT (that’s the Tether stablecoin), and what was notable, besides the large numbers, was a connection with the exchange Binance.

The stolen funds had been withdrawn from Binance, and according to on-chain data, the wallet that was hacked could be connected back to a Binance deployer wallet, via a transaction from 2019.

While this suggests a connection between Binance and the victim of the hack, the exchange has not provided further information about this apparent link, and there have been no further updates regarding the findings of the Binance security team, which, according to an earlier comment from a Binance spokesperson, was “looking into the matter.”

This reflects the way crypto has operated up to now, with security breaches a part of the landscape, but wider, significant shifts may be occurring.

This week, Binance was hit with a $4.3 billion fine from the Department of Justice, while the Founder, Changpeng Zhao, stepped down from his position as CEO and pled guilty to felony charges. These developments mean that Zhao is prohibited from operational involvement in Binance for a period of three years and that the exchange will be overseen by an independent compliance monitor.

When it comes to centralized exchanges, regulatory compliance may be coming to the fore.

The Poloniex Hack

Not long before news of the Binance-connected wallet hack, there was another significant breach at the Poloniex exchange, which is well known partly due to the Founder of Tron, Justin Sun, becoming a major investor in 2019.

Last month, Poloniex was hacked for around $125.6 million worth of tokens, with funds being drained mainly across three networks: Ethereum, Tron, and Bitcoin. In response to this, the platform offered a 5% bounty to the hacker, in exchange for the funds being returned.

Then, following on from that, Poloniex this week announced that it had traced the identity of the hacker, and posted an on-chain message to the alleged culprit, in fifteen languages, conveying that a final $10 million bounty was on offer. This comes with a November 25th deadline, after which it’s stated that law enforcement will become involved.

It’s a thrilling turn of events worthy of a Netflix drama but has been met with some skepticism within the online crypto community, who question the veracity of what’s occurring.

👀👀👀It seems promising progress in tracking @poloniex stolen funds. @justinsuntron The whitehat reward of $10m is being offered. https://t.co/vWYgyYbEYs pic.twitter.com/6hZx72Buu2

— PeckShield Inc. (@peckshield) November 18, 2023

dYdX and Curve Offer Bounties

The use of bounties to track wrongdoers is not new, as demonstrated earlier this month by dYdX. However, in this case, the issue was not a hack, but rather, allegations of price manipulation, as it appears that through the dYdX decentralized trading platform, the price of Yearn Finance’s YFI token was manipulated, leading to losses of around $9 million from the dYdX insurance fund.

This has led to dYdX announcing that bounties are on offer to anyone who can substantially assist in finding the alleged market manipulator, although the matter is yet to be resolved.

On-chain messages are another recurring theme, as occurred after Curve Finance was hacked for around $73 million at the end of July, an attack also resulting in losses for both the Metronome and Alchemix DeFi platforms through their liquidity pools on Curve.

A 10% bounty and an offer not to have law enforcement involved were promised to the hackers, in exchange for the return of the stolen crypto assets, but the DeFi trio declared to the hackers that if the deal was not taken, “we will pursue you from all angles with the full extent of the law.”

It appears that the bounty, along with efforts by white hat hackers, was only partly effective, but nonetheless enabled the recovery of a reported 73% of the lost assets.

Decentralized Reactions to Decentralized Problems

Perhaps even more so than on centralized platforms, in the world of decentralized finance, hacks seem to be tolerated as an occupational hazard, while the use of bounties to assist in the recovery of funds is an accepted strategy, and white hat hackers sometimes play a critical role.

It’s arguable that offering bounties to hack perpetrators themselves may act as an incentive to attackers, but the alternative take is that such tactics are simply implementing what’s most effective according to the operational conditions. And, relatedly, we can find anonymous on-chain experts formalizing their solutions, as highlighted when Alchemix announced that it had partnered with an organization called Ogle Security Group, which had assisted in recovering some of the funds drained in the Curve hack.

Following their exceptional contribution towards recovering funds from the recent @CurveFinance exploit, we are proud to announce our partnership with @cryptogle / Ogle Security.

This partnership represents one of multiple new systems being implemented to equip us with the best…

— Alchemix (@AlchemixFi) November 20, 2023

Ogle’s self-declared mission is “to track down bad guys and return stolen crypto funds.” This straightforward approach appears to offer what is, essentially, an unregulated environment and a valuable and in-demand service.