{"id":94092,"date":"2024-09-21T07:53:53","date_gmt":"2024-09-21T11:53:53","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=94092"},"modified":"2024-09-21T07:55:01","modified_gmt":"2024-09-21T11:55:01","slug":"shezmu-recovers-hacked-funds-via-negotiation","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/shezmu-recovers-hacked-funds-via-negotiation\/","title":{"rendered":"Crypto Lender Shezmu Recovers Hacked Funds via Negotiation"},"content":{"rendered":"\n

Shezmu negotiated with a hacker to retrieve over $5 million in stolen crypto<\/a> and increase the bounty.<\/p>\n\n\n\n

\"Shezmu<\/figure>\n\n\n\n

Utilizing the Yield Protocol, Shezmu recovered nearly $5 million in stolen funds within hours after successfully negotiating with the hacker.<\/p>\n\n\n\n

On September 21, Chaofan Shou, co-founder of blockchain analytics firm Fuzzland, alerted the public to a compromised storage vault belonging to Shezmu. <\/p>\n\n\n\n

Although it was unclear whether the event was a rug pull or a legitimate hack, Shou confirmed that approximately $4.9 million in cryptocurrencies had been stolen.<\/p>\n\n\n\n

\n

.@ShezmuTech\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a> has been hacked \/ rugged. ~$4.9M worth of $ShezUSD<\/use><\/svg><\/span><\/a> stolen.

One of their vaults used collateral that can be minted by anyone. With the free collateral, the attacker can borrow an arbitrary amount of $ShezUSD<\/use><\/svg><\/span><\/a>. pic.twitter.com\/eR0bH5rTV2<\/use><\/svg><\/span><\/a><\/p>— Chaofan Shou (svm\/acc) (@Fried_rice) September 20, 2024<\/use><\/svg><\/span><\/a><\/blockquote>

Shezmu later verified that one of its ShezmuUSD (ShezUSD) stablecoin vaults had been exploited and promptly urged the hacker to return the funds in exchange for a bounty, promising no legal consequences. <\/p>\n\n\n\n

\n

Dear White Hat,

The Shezmu team is offering a 10% bounty of the exploited funds, provided that the remaining funds are returned within the next 24 hours. If the funds are not refunded within this time frame, we will escalate the matter through legal channels.\u2026<\/p>— Shezmu (@ShezmuTech) September 20, 2024<\/use><\/svg><\/span><\/a><\/blockquote>

The protocol issued an on-chain message <\/use><\/svg><\/span><\/a>requesting that 90% of the stolen funds be returned within 24 hours, warning that law enforcement would be involved if the hacker did not comply.<\/p>\n\n\n\n

Hacker Requests 20% White Hat Bounty<\/h2>\n\n\n\n

The hacker responded by demanding a 20% bounty rather than the 10% originally offered by Shezmu. <\/p>\n\n\n\n

\"\"
Shezmu\u2019s team negotiates the return of stolen funds with the hacker. Source: Etherscan<\/figcaption><\/figure>\n\n\n\n

The protocol agreed to the terms, and within hours, the stolen Dai tokens began to be returned. <\/p>\n\n\n\n

The hacker first sent back 282.18 Ether, followed by another refund of 137 Wrapped Ether (WETH).<\/p>\n\n\n\n

\n

Update: An additional 137 WETH was recovered from the shezUSD white hat and returned to the Shezmu Treasury!https:\/\/t.co\/K2AnPkme9F<\/use><\/svg><\/span><\/a>

As we continue to recover the remaining funds, please do not interact with Oasis until further updates. Thank you for your continued support<\/p>— Shezmu (@ShezmuTech) September 21, 2024<\/use><\/svg><\/span><\/a><\/blockquote>

However, not all the stolen funds had been recovered at the time of writing, and Shezmu advised investors to avoid interacting with the protocol\u2019s Oasis vault until further notice.<\/p>\n\n\n\n

WazirX Struggles to Recover $235 Million Stolen Funds<\/h2>\n\n\n\n

In contrast, Indian cryptocurrency exchange WazirX<\/a> has not recovered its $230 million in stolen funds, 60 days after being hacked. <\/p>\n\n\n\n

WazirX has not acknowledged the hack, instead blaming its custodian, Liminal, for the loss of the funds.<\/p>\n\n\n\n

Liminal refuted these claims, announcing on September 9 that an independent audit by multinational firm Grant Thornton found no evidence that the cyberattack originated from Liminal\u2019s web applications or its infrastructure.<\/p>\n\n\n\n

\n

It's been over a month since WazirX, a major crypto exchange operating in India, claimed that a cyber attack on their platform led to the theft of $230 million (~ Rs 2000 cr) worth of funds.

We have attempted to be in regular touch with WazirX since the day of the incident but\u2026<\/p>— CoinSwitch: India's Simplest Crypto App \ud83d\ude80 (@CoinSwitch) August 28, 2024<\/use><\/svg><\/span><\/a><\/blockquote>

WazirX has also faced legal threats from its customers, including rival Indian crypto exchange CoinSwitch, which initiated legal action to recover approximately 2% of its funds, amounting to $6.2 million.<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Shezmu negotiated with a hacker to retrieve over $5 million in stolen crypto and increase the bounty. Utilizing the Yield Protocol, Shezmu recovered nearly $5 million in stolen funds within hours after successfully negotiating with the hacker. On September 21, Chaofan Shou, co-founder of blockchain analytics firm Fuzzland, alerted the public to a compromised storage […]<\/p>\n","protected":false},"author":56,"featured_media":94103,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11476,21],"tags":[7713,710,128,937,12002],"class_list":["post-94092","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacks-and-scams","category-news","tag-altcoin","tag-business","tag-ethereum","tag-hackers","tag-hacks"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2024\/09\/Shezmu-Crypto-Lender-Recovers-Hacked-Funds-via-Negotiation.webp","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/94092","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/56"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=94092"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/94092\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/94103"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=94092"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=94092"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=94092"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}