Binance located and seized most of the stolen assets in this week’s Curve Finance hack.
Binance froze/recovered $450k of the Curve stolen funds, representing 83%+ of the hack. We are working with LE to return the funds to the users. The hacker kept on sending the funds to Binance in different ways, thinking we can’t catch it. 😂#SAFU https://t.co/Ekea9moeAw
— CZ 🔶 Binance (@cz_binance) August 12, 2022
Changpeng Zhao announced on Twitter today that binance had recovered approximately $450,000 stolen in this week’s hack on decentralized exchange Curve Finance. According to Zhao, the frozen product accounts for about 83% of the total amount stolen in the incident.
“The hacker kept sending the funds to Binance in different ways, thinking we can’t catch him“, he said, adding that the exchange was already working with law enforcement to return the funds to users.
Our security department has frozen part of the funds in the amount of 112 ETH. In order for our security department to be able to sort out what happened as soon as possible, please email us: email@example.com
— FixedFloat⚡️ (@FixedFloat) August 9, 2022
Previously, Lightning Network-based cryptocurrency exchange Fixed Float froze around 112 ETH, which is currently worth around $212,000. “Our security department has frozen part of the funds for an amount of 112 ETH“, said Fixed Float. The two foreclosures, taken together, bring asset recovery to 100%, meaning that all victims who lost money in the attack on Curve can be fully compensated.
Curve was hacked for around $573,000 on August 9. The hacker spoofed Curve’s interface domain name service, redirecting users to a phishing site that tricked them into endorsing a malicious smart contract. After the unsuspecting victims approved the transaction, the hacker was able to steal crypto assets directly from their wallets. After the incident, the hacker began sending batches of stolen ETH to multiple addresses in an attempt to disguise the origin of the funds before moving the money to centralized exchanges for cashing.
However, the attacker apparently failed to hide the origin of his stolen ETH, as all of those funds were seized by Binance and Fixed Float.