Inside Job Averted Bigger Loss in Blast dapp Hack, $97 Million Recovered

By Jakub Lazurek

28 Mar 2024

A hack on a Blast dapp, an inside job, nearly cost $97M, but quick action recovered the funds

The Blast dapp heist was identified as an inside operation, sparing an even larger potential loss. Munchables, a GameFi initiative on Blast, reported a $62 million loss due to a security breach. Remarkably, a $25 million loss was avoided at Juice Finance because of the hacker's typing error.

By blacklisting the offender's address, the network managed to lock down the funds, compelling the hacker to hand over the private keys. This incident highlights the unexpected benefits of centralization in combating cyber threats.

ZachXBT’s investigation suggested that the hacker, involved with Munchables, masqueraded under several names, acting as four different developers.

Juice Finance, which had connections with Munchables, did not find any malicious code in their own review, despite the breach. The attack was made possible by a stealthy update, granting the hacker access to three wallets with unlimited withdrawal privileges.

The complicity of the hacker, a Munchables team member, was exposed after the incident, revealing a deep-seated breach of trust. This led to suspicions of North Korean involvement, termed by some as a "sleeper cell" tactic.

The unexpected return of the stolen assets by the hacker, possibly due to the Web3 community’s pressure, was an uncommon occurrence in blockchain hacks. Swift identification and action against the malicious wallets were crucial in reclaiming the stolen funds.

A simple error by the hacker led to a significantly smaller amount of wrapped ether being stolen than intended, a rare stroke of luck.

Preemptive measures by the teams involved secured an additional $7 million in assets, illustrating the effectiveness of rapid response.

The centralized aspects of Blast proved instrumental in managing the crisis, despite potential criticisms from decentralization purists.

This approach underscored the importance of safety measures in the current stage of network development, leading to the successful recovery of $97 million and highlighting the advantages of strategic centralization in crisis situations.
