Uranium Finance developer suspected of ‘leaking’ information leading to $50M exploit

A member of Uranium Finance’s developer team said they suspect that the recent hack of the platform may have originated internally. They’ve urged affected users not to contact any other members of the Uranium Finance team.

The $50 million exploit of Uranium Finance, a decentralized finance protocol on Binance Smart Chain, may have been an inside job, according to a member of the project’s development team. 

The theory was put forward in Uranium Finance’s Telegram channel by a user named “Baymax,” who appears to be listed as an administrator. In a pinned post, Baymax explained that the security flaw leading to the exploit happened just two hours before version 2 of the protocol was launched. The suspicious timing of the exploit narrows down the list of potential perpetrators significantly.

Baymax explained:“There are a total of 7 people in Uranium who knew of the exploit. Outside of Uranium would be the 3 auditors contractors and their respective sub cons who may be aware of this flaw.”

They continued:“From the information that we gathered with the community input, it leans towards that someone leaked information that may have led to exploiters finding out about our vulnerabilities.”

No team members are listed on Uranium Finance’s official website, so it’s difficult to extrapolate further regarding how the exploit took place or who may have been responsible. 

Baymax urged the Telegram channel’s over 4,100 members to message them directly and avoid any contact with other moderators or team members. In the meantime, affected users have also been asked to stop adding liquidity and to cash out if at all possible.

A separate Telegram group for victims of the attack has already been created, with over 1,200 members at the time of writing. In a pinned message, Baymax told affected users that they will provide further updates as they come. “[W]hales or users that lost more than $300K+ should pm me,” they said.

The stolen funds are already on the move, with the perpetrator funneling millions through Tornado Cash, an Ethereum-based privacy tool.

Security exploits and hacks are nothing new for the cryptocurrency community. According to at least one estimate, there were 122 crypto-related hacks in 2020 alone, with the exploited assets worth billions at today’s prices.
http://dlvr.it/Ryf6C7

You might be interested in …

HODLing early leads to relationship troubles? Redditors share their stories

Uncategorized

One user referred to her husband as “brainwashed” over Bitcoin, saying he was ruining her job by bringing up crypto at her marketing events. Crypto investments have reportedly been a source of strife in relationships, sometimes leading to breakups and even divorce.  According to a Reddit post from February 2015, a then 28-year-old woman using […]

Read More

Love & coordination at the frontier of governance: How Yearn minted $300 million

Uncategorized

A core Yearn contributor gives the behind-the-scenes account of what may be the most consequential vote in decentralized governance history   On February 2nd, at 6:00pm UTC Yearn Improvement Proposal 57 passed mandating that Yearn Finance, the decentralized and permissionless neo-hedge fund where I work, mint 6,666 new YFI tokens. YFI holders themselves passed this […]

Read More

Payments firm Nuvei launches support for 40 cryptos including Reddcoin and DOGE

Uncategorized

Payment provider Nuvei has launched support for nearly 40 crypto assets including lesser-known coins from previous market cycles, such as Reddcoin, Steem, Bitcoin Gold, and Siacoin. E-commerce merchants can now transact in nearly 40 cryptocurrencies through global payment platform Nuvei.  According to the announcement, merchants partnered with the payment provider can use an array of […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php