The San-Francisco based startup announced an alert for users while addressing the issue. All users comprising the $600K will revoke the regretted amount. In a tweet, the firm also added that the Hashflow was not impacted and will remain fully operational. It will soon reveal the reason behind it.
PackShield, which provides security solutions, reported that it seems to be an approval-related issue. The crypto fund loss of $600,000 was reported in Aribtrum’s ARB token and Ether.
The Firm Clarified the Recovery Instruction
After one day of incidents, the company has clarified the recovery instruction for the accounts which are affected by the exploit. They impacted Ethereum, Arbitrum, Avalanche, and BNB Chain.
The firm told users they must revoke the approvals before recovering crypto funds. Two methods can do fund recovery. The first option is for total funds, and the second option is a 10% donation to the hacker. With the second option, the hacker will prevent further loss.
YannickCrypto, the DeFi enthusiast, said that the hacker has made the source code public but warned the users to revoke the token amounts or give a 10% donation; otherwise, the account would be hacked again. As stated by YannickCrypto, he is a white-hat hacker. It means he is an ethical security hacker.
Hashflow Native Token Fell By 7%
Hashflow, a startup firm, is focused on developing a layer-2 protocol that is used in developing and operating centralized and decentralized platforms. Following the news of the loss, the native token of the firm fell by 7% in 12 hours.
It has dropped to $0.341. The token is down from its highest price of $3.61 in November 2022. Its trading volume is down by 35%. It is approximately priced at $9.5M. Its market cap is marked at $69.85M, with a circulatory supply of 203.63M and a maximum supply of 1 Billion.
Along with this, one more loss of around $800,000 worth of Ethereum took place on June 12. The DeFi protocol Sturdy Finance lost 442 Ether coins. The vulnerability is caused due to manipulated faulty prices. PeckShield alerted Sturdy Finance. The company offered the exploiter a price of $100K in return for funds.
Hashflow tweeted certain steps for the safety of users. If some user is not affected by the crypto fund exploit but used Hashflow before May 3, 2022, be sure to revoke any allowance from the deprecated contracts as soon as possible.
Source: https://www.thecoinrepublic.com/2023/06/17/hashflow-faces-600k-crypto-exploits-confirm-users-to-retrieve/