Cypher Protocol, a decentralized exchange operating on the Solana (SOL) blockchain, suffered a security breach on Monday, resulting in an estimated loss of around $1 million. In order to mitigate further damage, the protocol has halted its smart contract.
On August 8, Cypher Protocol took to X (formerly Twitter), confirming the attack and reassuring that its team is working with individuals and investigating the exploit. The protocol also addressed the hacker by asking if they would be open to speaking with the Cypher Protocol team to negotiate a potential return of stolen funds.
Cypher has has experienced an exploit/security incident. The smart contract has been frozen.
The team is currently working with individuals and investigating
To the hacker: We are writing to see whether you would be open to speaking with us about any potential next steps.
— cypher ©️ (@cypher_protocol) August 7, 2023
How did the Cypher Protocol Hack Happen?
According to data from Solana blockchain explorer Solscan, the wallet linked to the exploit had stolen 38,350 SOL and 123,184 USDC, amounting to roughly $1,035,203 in unauthorized transactions. In the following hours, the alleged wallet transferred $30,000 to another address “kiing.sol,” with the potential goal of liquidating the stolen funds.
Cypher Program on Solana was hacked with losses of ~$1M. The program has been frozen.
The stolen funds are currently held at HHm4wK91XvL3hhEC4hQHo544rtvkaKohQPc59TvZeC71.
The attacker's initial funds are from @kucoincom and @binance. https://t.co/2TYEMsnuGy pic.twitter.com/JnNirDZaHW
— Beosin Alert (@BeosinAlert) August 8, 2023
Additionally, analysts at blockchain security firm Beosin found that the hacker’s wallet was funded from centralized crypto exchanges KuCoin and Binance. Since the exploit, members of the cryptocurrency community sent a series of non-fungible tokens (NFT) to the suspected wallet, asking the hacker to return the stolen funds. Among the various messages, one read,
“Seriously though, you used Binance and KuCoin to fund and to try and get 30k out. People will find you. Please do the right thing and give the rest back.”
The recent security breach coincided with Cypher Protocol’s collaborative mtnDAO hacker house event, which they co-hosted with another Solana protocol, Marginfi. Ensuring clarity and dispelling doubts about their own security, Marginfi swiftly relayed via their Telegram channel that they remained unaffected by the breach and continue to maintain their operational independence from Cypher.
Crypto-Related Hacks Down 58% in 2023 Compared to 2022
The cryptocurrency market has made great leaps in terms of price performance in 2023, but so have malicious entities. Hacks and network exploits continue to plague the crypto sector. Recently, security audit firm CertiK revealed Crypto traders have lost a staggering $303 million worth of digital assets in cryptocurrency exploits and hacker attacks in July, making it the worst month this year so far in terms of stolen value.
Combining all the incidents in July we’ve confirmed ~$303M lost to exploits, hacks and scams. The most lost in a single month in 2023.
Exit scams were ~$8.6M
Flash loans were ~$8.7M
Exploits were ~$285M
See more details below 👇 pic.twitter.com/GtdsxsSohc
— CertiK Alert (@CertiKAlert) July 31, 2023
However, compared to the second quarter of 2022, when hacks and exploits took $745 million, the security firm pointed out that there was a 58% decline in the amount lost. This suggests that the industry has been actively addressing these challenges and implementing proactive security measures.
On the other hand, as the number of crypto hacks surged in an alarming fashion, a surprising trend began to emerge from hackers as they now started returning the stolen funds. Over the recent past, hackers have been progressively returning the stolen funds, opting instead for a “white hat” reward offered by the compromised projects. In 2023, some victims of these crypto exploits managed to recover nearly half of the purloined funds.
