Cryptocurrency
DeFi
Exchanges
Stablecoins
NFTs
Wallets
Bitcoin
Ethereum
Tokens
ICOs
IEOs
Technology
Crypto
Banking
Supply Chain
Security
Healthcare
Mining
AI
Advertising
Gaming
Retail
Education
Analytics
Hosting
Business
Partnerships
Investments
Adoption
Acquisitions
Conferences
IPOs
Legal
Lawsuits
Patents
Politics
Fraud
Research
Guides
Opinion
Cryptocurrency
Technology
Business
Legal
Politics
Fraud
Research
Guides
Opinion
The Chain Bulletin logo

EasyFi Hack Was Caused by Compromised Admin Keys

  • Compromised MetaMask admin keys were used to drain over $70 million in EASY tokens from the protcol.
  • CEO Ankitt Gaur offered a $1 million reward for returning the funds.
by Andjela Radmilac April 21, 2021, 4:39 PM
Man with key

Shutterstock

In a 20 April blog post, EasyFi founder and CEO Ankitt Gaur detailed the incursion, which he says was a “targeted attack.”

According to Gaur, the EasyFi smart contracts were not exploited and only the mnemonic phrase and admin keys for the network’s MetaMask account were compromised. Following a brief post-mortem, the EasyFi team concluded that the hack wasn’t a result of a MetaMask phishing attack. Instead, the physical computer used to execute official transactions was compromised and the wallets were accessed directly from the hard drive.

“We are investigating it thoroughly to arrive at a factual conclusion and act on it,” Gaur said.

None of the tokens drained from the protocol have yet been sold due to liquidity constraints. EasyFi stopped all token deposits and is working with exchanges to halt token trading altogether. At the time of the hack, the stolen EASY tokens were worth over $70 million.

Gaur offered a $1 million reward for the hackers to return the funds and said that the company wouldn’t take legal action.

Discussion
Related Coverage
Unibot to Compensate Users Affected by Exploit
  • Popular Telegram bot Unibot, which is used to snipe trades on Uniswap, became a victim of a token approval exploit earlier today, when it was switching to a new router.
  • After confirming the exploit, Unibot assured users that their keys and wallets were safe, and that the project will compensate all affected users.
October 31, 2023, 3:01 PM
unlock

Shutterstock

Balancer Exploited After Giving Warning
  • DeFi protocol Balancer confirmed it was exploited almost a week after disclosing a critical vulnerability affecting several of its boosted pools.
  • The platform did its best to mitigate some of the risks but was unable to pause the affected pools, and an estimated $980,000 in DAI were stolen in an attack.
Kroll Data Breach Compromises FTX, BlockFi Customer Information
  • A cyber security incident at bankruptcy service provider Kroll has resulted in the exposure of “non-sensitive” customer data for claimants involved in the FTX and BlockFi cases.
  • Both companies confirmed that account passwords, systems, and funds remained safe, but warned customers to be on the lookout for phishing scams.