Cryptocurrency lending platform dForce, which was hacked last week, has returned all of the stolen digital assets to its affected users, the firm said in a Tweet on 27 April.
According to the announcement:
“Over 90% of assets have been distributed to users in less than 24 hours. 100% users have been made whole in the recovery”.
The refund follows closely after the “Asset Redistribution Plan” the company released om Sunday.
The attack, which saw $25 million worth of cryptocurrency stolen from the platform, was carried out on 19 April. The hacker took around three hours to withdraw around 99.5 percent of the locked funds using a known vulnerability in the ERC-777 token standard, called reentrancy attack. The attacker used the imBTC stablecoin as a Trojan horse for the attack, and exploited a crucial flaw in the Lendf.me contracts and how they update the user’s balance.
On April 21, two days after the hack, all funds were returned to dForce after the attacker accidentally revealed his identity during a transfer. At the time dForce CEO, Mindao Yang, said in a blog post:
“It’s with great relief that I report that nearly all of the stolen funds have been recaptured through the efforts collaboratively made by our partners, law enforcement, investors, the community, and our team members.”
On 14 April, the dForce Foundation completed a $1.5 million seed round led by Multicoin Capital, and joined by Huobi Capital and CMB International. The company is allegedly planning to use the newly acquired funds to grow its team, and launch new DeFi products in 2020.