- Mixin Network has proposed a bug bounty to recover the stolen $200 million.
- The network has assured customers of a “more optimistic” situation.
- A senior crypto threat analyst paints a different picture of the attack.
To retrieve stolen funds, decentralized cross-chain protocol Mixin Network has proposed a multi-million bounty to the hackers behind the recent $200 million exploit on its cloud database service provider.
Following the cyberattack, the protocol temporarily suspended deposit and withdrawal activities, urging customers to stay off the network to prevent “unnecessary losses.” The network also acknowledged the enlisting of Google and blockchain security company SlowMist to assist with investigating the incident.
Appealing to the Hackers
On September 27, Mixin Network encrypted a message with the exploiter transaction, offering the hackers a $ 20 million bug bounty to return the remaining funds and clarifying that the missing assets belonged to users.
“Most of our platform assets were users, and we hope you can refund them. You can keep $20M of the assets as a BUG Bounty Reward for the BUG. Contact us via firstname.lastname@example.org for the reward details.” The message read.
While the Mixin team has not made a public comment regarding the bug bounty offer, the network shared an update on Twitter (X) stating that the losses are not as significant as estimated following most of the asset tally work completion.
The statement, which assures customers of a “more optimistic” situation, contradicts the findings of blockchain forensic firm Elliptic, which concluded that the hackers now control a significant percentage of Mixin’s digital assets holdings.
Is the Situation “More Optimistic?”
In a September 26 blog post, Elliptic’s senior crypto threat analyst, Arda Akartuna, compared Mixin’s latest financial statements against the stolen funds and concluded that the hackers now control 93% of Mixin’s USDT ($23.6M), 71% of its Ethereum ($95.3M), and 9% of its Bitcoin ($23.7M).
Although the stolen funds are yet to be laundered, Akartuna noted that the hackers have already transferred the stolen USDT through the Uniswap decentralized exchange to retrieve the funds in Dai stablecoin or other unfreezable assets.
Stay updated on what happened in the recent Nansen security breach:
Nansen Breach Sees User Data Compromised: Here’s What Happened
Read more about the Balancer Protocol DNS attack:
Balancer Protocol Loses $238K in Crypto in Ongoing DNS Attack