Mixin Network Offers $20M BUG Bounty to Recover Stolen Funds

Mixin Network has offered a $20 million bug bounty in a bid to recover the stolen $200 million.

A bug caught in the mouth gets electrocuted.
  • Mixin Network has proposed a bug bounty to recover the stolen $200 million.
  • The network has assured customers of a “more optimistic” situation.
  • A senior crypto threat analyst paints a different picture of the attack.  

To retrieve stolen funds, decentralized cross-chain protocol Mixin Network has proposed a multi-million bounty to the hackers behind the recent $200 million exploit on its cloud database service provider.

Following the cyberattack, the protocol temporarily suspended deposit and withdrawal activities, urging customers to stay off the network to prevent “unnecessary losses.” The network also acknowledged the enlisting of Google and blockchain security company SlowMist to assist with investigating the incident.

Appealing to the Hackers

On September 27, Mixin Network encrypted a message with the exploiter transaction, offering the hackers a $ 20 million bug bounty to return the remaining funds and clarifying that the missing assets belonged to users.

“Most of our platform assets were users, and we hope you can refund them. You can keep $20M of the assets as a BUG Bounty Reward for the BUG. Contact us via bug@mixin.one for the reward details.” The message read.

While the Mixin team has not made a public comment regarding the bug bounty offer, the network shared an update on Twitter (X) stating that the losses are not as significant as estimated following most of the asset tally work completion.

The statement, which assures customers of a “more optimistic” situation, contradicts the findings of blockchain forensic firm Elliptic, which concluded that the hackers now control a significant percentage of Mixin’s digital assets holdings.  

Is the Situation “More Optimistic?”

In a September 26 blog post, Elliptic’s senior crypto threat analyst, Arda Akartuna, compared Mixin’s latest financial statements against the stolen funds and concluded that the hackers now control 93% of Mixin’s USDT ($23.6M), 71% of its Ethereum ($95.3M), and 9% of its Bitcoin ($23.7M).

Although the stolen funds are yet to be laundered, Akartuna noted that the hackers have already transferred the stolen USDT through the Uniswap decentralized exchange to retrieve the funds in Dai stablecoin or other unfreezable assets.

Stay updated on what happened in the recent Nansen security breach:
Nansen Breach Sees User Data Compromised:  Here’s What Happened

Read more about the Balancer Protocol DNS attack:
Balancer Protocol Loses $238K in Crypto in Ongoing DNS Attack

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Brian Danga

Brian Danga, a Kenyan crypto reporter, is dedicated to delivering breaking news and updates from the cryptocurrency world. With a background as a Web3 writer and project manager, he recognizes the importance of unbiased reporting. Holding an LLB degree from the University of Nairobi, Brian's analytical skills contribute to his accurate news reporting. His personal interests include cooking, watching documentaries, reading, and engaging in intellectual discussions.