DAO Maker shared last Thursday, August 12, through his Twitter account, his statement after recent events, the situation resolved and all other DAO Maker contracts that are safe.
“The rapid expansion of DAO Maker has posed several challenges to the ecosystem. These include turbulence in the incorporation of projects and changes in the structure of the company. Unfortunately, we must announce that in the early hours of August 12 (approximately 1 am UTC), DAO Maker faced malicious use of one of our wallets with access to administrator privileges”, he said through an article published in the Medium platform.
The company explained that the cybercriminal, after tentatively testing this exploit and successfully stealing $10,000, proceeded to discreetly carry out 15 more transactions.
In this way, the hacker was able to divert approximately $7 million, until our security team was able to track, contain, and stop the drain of funds. A total of 5,251 users were affected, losing $1,250 on average per user.
However, the company indicated that fortunately users with up to $900 have not been affected at all.
“We decisively moved unaffected funds to a completely new secure wallet, while users can still withdraw their funds without hindrance, if they wish”, he added.
DAO Maker highlighted that Cipher Blade, a leading blockchain forensics company, has been hired and is doing everything possible to track down the criminal and return the stolen funds. They have already identified an implicated Binance account and are working closely with Etherscan to learn more about the hackers’ whereabouts. Also, all exchanges have already been reported from the hackers’ wallet.
In his view, the SHO contract has always been an entry point for potential risk, as it was used for all SHOs. This is the precise reason why DAO Maker implemented certain contingencies, such as limiting the maximum individual deposit amount to $10,000 USDC.
“Currently, the SHO contract has been secured to prevent situations like this from occurring in the future. While waiting for a complete RCA (root cause analysis), all the deposits have been deactivated”, he specified.
Also read: Origin Protocol “further” strengthens relationship with Crypto.com
About the security of the vaults
The company assured that the Vaults are safe and the attack has not had a detrimental impact on our business. “Absolutely no one, not even us, has the ability to update the code or remove any DAO from the Vaults. As CEO, this has always been one of my core principles for DAO Maker”, said Christoph Zaknun, CEO of DAO Maker.
1 comment
Comments are closed.