Key Points:
- unshETH announced that the hacker has decided to return the ownership of the contract, but there are still about $375,000 in funds that have not been returned.
- The team also stated that law enforcement action would be taken if the hackers did not return the funds by the deadline.
The LSDFi protocol unshETH revealed that the hacker has agreed to release contract ownership, although around $375,000 in funds have not been refunded.
According to the notification, the attacker must return the remaining monies to the indicated location by June 3 at 01:00, otherwise, the attacker will be fined $50,000. Moreover, unshETH indicated that if the hackers do not refund the cash by the deadline, legal action will be taken.
Recently, a number of KOLs stated that the LSDFi protocol unshETH vault is suspected of having a security issue, advising users to get cash out as quickly as feasible. The reason for this is that the contract owner was tampered with. The project team has been informed. Nonetheless, the team said via Discord that emergency precautions had been implemented and that the essential Ethereum fund was secure.
According to the information in the chain, the contract owner authority was moved to an unknown address.
This morning, the LSDFi protocol replied to the security issue on Twitter. According to unshETH, one of the contract’s deployment private keys was disclosed on May 31. To be safe, the official has temporarily halted the withdrawal of ETH. According to the security model, unshETH’s ETH deposit (TVL up to $35 million) is safe due to multi-signature + time lock.
Moreover, various auxiliary agreement contracts (liquidity mining pools, cross-chain bridges, etc.) have been targeted and are collaborating with white hat security professionals from Coinbase, Stargate, Paladin Blockchain Security, Github, and Ogle to ensure the protection of user funds.
Several users also said that a Chinese white hat hacker discovered the private key was accidentally copied on the protocol’s most recent Github repository and immediately reported it to the team.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Harold
Coincu News
Source: https://news.coincu.com/191757-unsheth-375000-in-stolen-fund/