Changpeng Zhao, Binance CEO, claimed that his team had recovered a significant amount of the money taken by Curve’s front-end exploit on Tuesday.
Zhao provided a status report on Twitter and revealed that the centralized exchange has frozen $450,000 in stolen assets that the Curve hacker had transferred into the exchange. Zhao said that in order to help return them, the team is collaborating with law officials. Regarding the recovery of the funds, Curve has not yet made any comments.
“Binance recovered/froze $450k of the Curve’s stolen cash, To restore the money to the users, we are collaborating with law enforcement.”
Binance joins the move to seize stolen assets
This was the second time that money connected to the Curve exploit was seized. It was previously revealed that Fixed Float, a Lightning Network-based exchange, has also frozen 112 ETH (200,000), which had been deposited by the Curve exploiter in what was probably an attempt to launder the assets. As a result, the recovered amount has increased to almost $650,000.
On Tuesday, a Domain Name Service (DNS) spoof hacked the front end of Curve Finance. The attacker changed Curve’s DNS throughout the attack to route customers to another website that contained a malicious contract.
The hacker had the potential to steal money from the unaware users when they interacted with the contract. The majority of the assets that were stolen after the exploit was transferred by the hacker to Fixed Float and Binance, where they remained frozen.
Usually, hackers use Tornado Cash, a well-liked Ethereum mixer, to conceal all of the transactions of the stolen assets. However, in this Curve vulnerability, hackers attempted to restrict the use of Tornado Cash by sending only a limited amount of the stolen ETH there.
Tornado Cash has been in the public eye in recent days after the protocol and its related Ethereum addresses were sanctioned by the US Treasury.
Cryptopolitan recently reported that The decentralized derivatives exchange dYdX admitted that the restriction had affected it after learning that some of its users had connected with Tornado Cash late on Wednesday. In retaliation, the project decided to restrict a few accounts.dYdX claimed in a blog post that it had “unbanned certain accounts,” though it did not disclose how many accounts were still forbidden.
Source: https://www.cryptopolitan.com/binance-seizes-450000-stolen-by-curve-hacker/