dForce Foundation CEO Mindao Yang said the hackers seek to negotiate.
“The hacker(s) have attempted to contact us and we intend to enter into discussions with them.”
Lendf.Me and USDx, two protocols of the foundation, stopped temporarily and the website went offline.
Assets locked in the dForce fall 100% after attack
DeFi Pulse stated that the assets locked in the dForce network plunged by around 100% after the exploit.
Commenting on the attack, decentralized exchange Tokenlon stated hackers managed to exploit vulnerability in a smart contract linking ERC777 tokens and Uniswap/Lendf.Me contracts.
SlowMist, a blockchain ecosystem security company, stated that after the attack, the criminals converted the cryptocurrency to ETH and other tokens on decentralized platforms.
“We are doing everything in our power to contain the situation. We have contacted law enforcement in several jurisdictions, reached out to asset issuers and exchanges to track down and blacklist the hacker(s)’s addresses, and engaged our legal teams.”
Cryptolydian reported today that the latest loss recorded by Lendf.me amounted to $25 million worth of Bitcoin (BTC) and Ethereum (ETH).
Lendf, one of the two protocols supported by dForce Foundation, saw the assets exiting from its accounts after a coordinated hack late Saturday and early Sunday.
The lending protocol said:
“Lendf.me confirmed it was attacked at 8:45 Beijing time Sunday at block height 9899681.”
Attack initiated by imBTC
Other DeFi protocol builders speculated that the attack was initiated by imBTC, an Ethereum (ETH) token paired one-to-one with Bitcoin (BTC), allowing the attacker space to siphon funds without pain.
What is not obvious now is whether users could withdraw their funds or that the attacker has taken over all the $25 million that represent more than 99 percent of their savings.