The blockchain space has been plagued with a lot of issues that have made it seem unreliable. For example, crypto platforms have been a recurrent target for hackers. From the time of the great Mt. Gox hack to now, crypto-related platforms like DeFi platforms, exchanges, NFT ecosystems, DAOs, and much more have been hacked.
During a successful hacking effort, a project could lose millions of dollars in cryptocurrency. Intruders typically target a project’s hot wallet or smart contract, draining funds, and attempting to exchange stolen crypto for other tokens or fiat currencies. Some of these intruders can get away with theft by using privacy tools, and in other cases, they return the funds to the project.
Theft from projects is not limited to outsiders. In the past, rug pulls have been associated with project teams and founders. Take, for example, Chef Nomi of Sushiswap.
Some projects have used community pressure to recoup stolen funds. It could be in the form of members of the community threatening to file a lawsuit against the offenders. For instance, the community threatened to sue Chef Nomi for withdrawing funds without the permission of SushiSwap users.
We will look at examples of individuals who hacked or committed fraud on a cryptocurrency platform and subsequently returned the funds due to community pressure.
SushiSwap
The DeFi space is an intriguing one with innovations being released regularly, news of shocking events getting to news websites daily, and much more. A month hardly goes by without an event unfolding.
In 2020, SushiSwap founder, Chef Nomi, decided to pull a fast one on the users of the market-making protocol. When Sushiswap was released, people were fascinated by its features. It was a fork of UniSwap and it was designed to siphon liquidity from UniSwap. Chef Nomi, the founder of SushiSwap, was able to attract over a billion-dollar worth of collateral using the zombie mining technique. This activity increased the value of SUSHI tokens tremendously within a few days.
Weeks after the release of SushiSwap, Chef Nomi decided that it was time to cash out tokens worth over $14 million.
The community members decried the rug pull, threatening to sue the project. Chef Nomi’s actions were condemned by leaders in the crypto space. SushiSwap suffered as a result, with the value of SUSHI tokens plummeting.
A week later, under pressure from the community and industry leaders, the pseudonymous founder, Chef Nomi, returned the $14 million in Ether that he stole. After returning the funds to the automated market maker, the founder apologized to the community on Twitter. The tweet also stated that he will be satisfied with whatever the community gave him as a reward for building the project. Chef Nomi transferred the project to Sam Bankman-Fried, FTX CEO.
Poly Network
Poly Network lost over $600m worth of crypto assets to a hacker, making it one of the biggest hacks in history. When the hack happened, Poly Network wrote a letter on Twitter, stating that it was ready to strike an agreement with the hacker and they should get in touch. The hacker responded that he was not interested in the money. A day later, Poly Network announced that the hacker had returned nearly half of the money.
Poly Network is a blockchain platform for exchanging different crypto assets. They reported via Twitter that the hacker had returned three cryptocurrencies totaling $3.3 million in Ethereum, $256 million in Binance Coin, and $1 million in Polygon.
According to BBC News, the hacker published a three-page-long Q&A session on the Ethereum blockchain, stating the reason behind their attack. In the self-interview released by the hacker, they claimed that they had intentions of returning the stolen crypto to Poly Network. The reason for the hack was to test and expose the vulnerabilities in Poly Network software.
In one of the notes that were embedded in the blockchain, the hacker stated, “I know it hurts when people are attacked, but shouldn’t they learn something from those hacks?”. The hacker added that they discovered the vulnerability and knew that Poly Network could end up fixing it secretly, hence they stole millions of dollars in cryptocurrency to prevent this from happening.
Some crypto enthusiasts believe that the funds were returned because the hacker felt it would be difficult to cover their tracks and convert the tokens into other crypto or fiat currencies, especially with the spotlight on them. Others believe the hacker used a whitehat hack to pinpoint a flaw in Poly Network’s architecture.
Mr. Robinson, a government blockchain security consultant interviewed by BBC News, remarked,
“Either they just intended to commit theft and steal the assets, or they were acting like a white hat hacker to expose a bug, to help Poly Network make themselves more strong and secure”.
He also added,
“I wonder whether this hacker stole the funds, realised how much publicity and attention they were getting, realised wherever they moved the funds they would be watched and decided to give it back.”
Examples of blacklisting of addresses linked to fraud and hacks
Some addresses have been blacklisted in the past as a result of ties to hack attempts, fraud, terrorism and other illegal activities.
Tether
Tether has a reputation for blacklisting addresses associated with criminal activity such as hacking. Tether struck again in the first month of 2022, freezing three Ethereum accounts holding over $160 million in USDT.
Tether announced that it had frozen three Ethereum addresses, preventing its owners from transferring their digital assets to another address. The company behind the most popular stablecoin, USDT, is known to collaborate with regulators to monitor accounts for suspected malicious activities and freeze them if they detect such.
US Treasury Department
In the first month of 2022, the US Treasury Department blacklisted twenty Bitcoin addresses allegedly linked to North Korean hackers. They also added two individuals to the sanctions list, both of whom were suspected of being associates of the North Korea-affiliated Lazarus Group.
According to the regulatory body, Jiadong Li and Yinyin Tian were linked to the Lazarus Group, a cybercrime syndicate allegedly working for the North Korean government.
This is not the group’s first time stealing cryptocurrencies. In 2018, it was accused of stealing over $500 million. It has since targeted exchanges and DeFi protocols.
According to a forfeiture document, the US government attempted to seize custody of the crypto held in 113 different addresses. The government claims a major portion of the stolen Bitcoin was laundered through these addresses.
According to the forfeiture document, over $200 million in cryptocurrency was stolen and laundered using the peel chains strategy, which involves moving the cryptocurrency to multiple addresses.
Coinbase and other exchanges
In 2019, Binance was hacked, and BTC worth $40.7 million was stolen at the time. The hackers stole 7,074 BTC from Binance’s hot wallet.
According to Binance, the breach occurred after the hackers stole “a huge number of user API keys, 2FA tokens, and maybe additional information”.
Following the incident, crypto enthusiasts and platforms rallied to support Binance. Some exchanges, such as Coinbase, blacklisted the addresses linked to the attack, preventing the attackers from exchanging the cryptocurrency for fiat currency or other tokens. Justin Sun, the founder of Tron, deposited USDT worth 7,000 BTC in the exchange to purchase different coins. The community’s support, particularly peer exchanges, came in the form of blacklisting the attackers’ addresses.
There was a rumour that the Bitcoin chain would be reorganised to reverse the theft, which drew the attention of community members who were opposed to the proposal.
In Conclusion,
- There are different ways that a hacked blockchain platform may use in analysing the attack or tracking their funds, and one of the ways is community pressure.
- The community can pressurise hackers or rug pull initiators to do the right thing of returning stolen funds by the threat of lawsuits or attempts to uncover the identity of the anonymous intruders.
- An example that showcases the power of community pressure is the SushiSwap incident where Chef Nomi returned $14 million after being threatened by the community.
- Some blockchain firms have blacklisted the addresses and accounts of those linked to a hack or other illegal activities.
If you would like to read more articles like this, visit our Website. You can also follow DeFi Planet on Twitter, Facebook, Instagram, and LinkedIn.