en
Back to the list

Binance Recovers $450,000 Stolen in Curve Finance Hack - Crypto Briefing

source-logo  cryptobriefing.com 12 August 2022 09:59, UTC

The assets Binance recovered represent about 83% of the entire sum stolen in the exploit.

Binance Recovers Curve Hack Proceeds

Binance has traced and seized most of the assets stolen in this week’s Curve Finance exploit.

Binance froze/recovered $450k of the Curve stolen funds, representing 83%+ of the hack. We are working with LE to return the funds to the users. The hacker kept on sending the funds to Binance in different ways, thinking we can't catch it. 😂#SAFU https://t.co/Ekea9moeAw

— CZ 🔶 Binance (@cz_binance) August 12, 2022

The exchange’s ounder and CEO Changpeng Zhao announced on Twitter today that the firm had recovered about $450,000 worth of cryptocurrencies stolen in this week’s frontend exploit on decentralized exchange Curve Finance. According to Zhao, the frozen proceeds represent about 83% of the total sum stolen in the incident.

“The hacker kept on sending the funds to Binance in different ways, thinking we can’t catch it,” he said, adding that the exchange was already working with law enforcement to return the funds to users. 

Previously, the Lightning Network-based cryptocurrency exchange Fixed Float froze about 112 ETH, currently worth around $212,000. “Our security department has frozen part of the funds in the amount of 112 ETH,” Fixed Float tweeted Tuesday. The two seizures, in aggregate, bring the asset recovery up to 100%, meaning all victims that lost money in the front-end attack on Curve can be fully compensated. 

Curve was exploited for about $573,000 on August 9. The attacker spoofed the Domain Name Service of Curve’s frontend, redirecting users to a phishing site that tricked them into approving a malicious smart contract. After the unsuspecting victims approved the transaction, the hacker was able to steal crypto assets directly from their wallets. Following the incident, the attacker began sending batches of stolen ETH to multiple addresses in an attempt to obfuscate the funds’ origin before transferring the money to centralized exchanges to cash out.

However, the attacker apparently did a poor job of hiding the source of their stolen ETH, as effectively all of it has been seized by Binance and Fixed Float.

Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.

cryptobriefing.com