Site navigation

Mystery dForce Hacker Returns $24M in Stolen Cryptocurrency Assets

David Paul


dForce Hacker

The China-based decentralised finance protocol, dForce, said the hacker sent back almost all of the stolen assets over the weekend.

A hacker who stole $25 million (£20 million) from decentralised finance platform dForce has reportedly returned most of the stolen currency after the company lost more than 99% of its assets.

Data from the Ethereum distributed computing platform and operating system showed multiple large transactions in a variety of cryptocurrencies, including Ether, being transferred from an address labelled “Lendf.Me Hack” to the admin address for the Lendf.Me project.

The currencies were also returned in multiple transactions between Monday and Tuesday of this week, totalling around $24.3 million (£19.7 million). The returned amount was less than the original as the attacker converted a portion of the Ether into some other digital currencies.

In a blog post, dForce founder Mindao Yang commented after the attack: “On 19 April 2020, Lendf.Me, the lending protocol in the dForce network, was attacked and approximately $25 million in assets were drained from the contract.

“We learned of the attack at 9:15 am (UTC+8) through our internal monitoring system. Immediately following, we temporarily paused Lendf.Me and USDx and pulled down the website to investigate the attack and assess the situation.

“The situation is evolving, and we’re learning more every minute, however, it appears the hacker(s) have concluded their attack.”

Blockchain security company PackShield said that the hacker utilised a vulnerability on dForce’s systems and, with the combination of ERC777 tokens and DeFi smart contracts, executed a reentrancy attack.

The attack essentially convinced the system that money had been deposited, when it had in fact been siphoned away.


“The hackers have attempted to contact us, and we intend to enter into discussions with them,” Yang continued.

“This attack not only harmed our users, our partners, and my co-founders, but also me personally. My assets were stolen in this attack, too.

We are doing everything in our power to contain the situation. We have contacted law enforcement in several jurisdictions, reached out to asset issuers and exchanges to track down and blacklist the hacker(s)’s addresses, and engaged our legal teams.”

David Paul

Staff Writer, DIGIT

Latest News

Editor's Picks Recruitment
Infrastructure Trending Articles
Editor's Picks Social Media
Business Editor's Picks
%d bloggers like this: