Following the $200 million exploit on September 23, Mixin Network has sent a message to the hacker responsible, offering a bug bounty of $20 million to return the remaining funds.
As most of the stolen funds were user assets, Mixin Network encrypts the message accompanying the exploiter transaction, requesting the return of the funds.
“Most of our platform assets were users, and we hope you can refund them. You can keep $20M of the assets as a BUG Bounty Reward for the BUG.”
Mixin Network confirmed the exploit on September 25, stating that the exploiters breached a third-party cloud service provider, resulting in the seizure of nearly $200 million worth of assets from the platform.
Feng Xiaodong, the founder of Mixin, stated that the company would reimburse affected users up to a “maximum of 50 percent,” with the remaining amount returned in bond tokens that the company would repurchase with its earnings.
An on-chain analytic platform revealed a history of the hacker’s interactions with Mixin Network before Mixin disclosed the complete circumstances surrounding the exploit. In 2022, the address 0x1795 associated with a fraudster, received 5 Ether from Mixin.
Cross-chain protocols in the decentralized finance (DeFi) space have been the target of some of the most prominent exploits in crypto history.
However, how the exploiters stole $200 million worth of assets via a data compromise is still being determined. One report indicates that over half of all DeFi exploits involve cross-chain protocols, resulting in over $2.5 billion in losses.
Cross-chain protocols facilitate interoperability between chains and enable users to transfer assets from one blockchain to another. Consequently, these cross-chain protocols frequently hold many assets from multiple chains, rendering them susceptible to such attacks.
