Mixin Network Offers $20 Million Bug Bounty Following $200 Million Hack
Mixin Network suffers a $200 million hack; offers $20 million for fund return; highlights DeFi vulnerabilities.
Thu, 28 Sep 2023, 08:56 am UTC
On September 23, Mixin Network, a decentralized cross-chain protocol, was hacked with a loss amounting to $200 million. To make a bid for the return of these funds, the company has offered a significant $20 million as a bug bounty. This offer was encrypted in a transaction message directed towards the hacker, emphasizing that a majority of the stolen amount belonged to users of the platform.
The message from Mixin Network appealed to the hacker's conscience, noting that the primary victims of this theft were the platform's users. The company added an incentive by allowing the hacker to retain $20 million as a reward for identifying the bug.
By September 25, Mixin Network had publicly acknowledged the breach, revealing that the hackers had compromised a third-party cloud service provider to access and drain almost $200 million from the platform. At that time, Mixin's founder, Feng Xiaodong, pledged to refund up to half of the stolen amount to the affected users. The other half would be returned to them in the form of bond tokens, which the company committed to buy back using its future earnings.
Details around the exact cause of the exploit remain sketchy. However, an analysis by a blockchain analytic platform has shown some past transactions between Mixin Network and an address linked to the hacker. Specifically, in 2022, the address 0x1795 received a payment of 5 Ether (ETH) from Mixin.
Cross-chain protocols, which facilitate transactions between different blockchains, have been historically attractive targets for hackers within the decentralized finance (DeFi) sector. These protocols play a vital role in ensuring smooth interoperability between various chains, and they often manage vast assets from multiple blockchains. A study has found that over 50% of all DeFi security breaches target cross-chain protocols. The cumulative loss from such attacks is currently pegged at a staggering $2.5 billion.
<Copyright © TokenPost. All Rights Reserved. >