Drift Protocol, a Solana-based decentralized alternate (DEX), mentioned Friday it had opened onchain contact with wallets tied to funds stolen within the exploit that exterior corporations have estimated at roughly $280 million to $286 million.
Drift mentioned on X that it had initiated onchain contact with wallets holding the stolen Ether (ETH), in search of to open a line of communication.
The workforce despatched onchain messages from its Ethereum deal with (0x0934faC) to 4 wallets linked to the exploiter on the time of publication, urging the attacker to achieve out by way of Blockscan chat. “We’re prepared to talk,” Drift mentioned.
Onchain messaging has grow to be a typical tactic in exploit response, permitting protocols to speak instantly with attackers whereas preserving anonymity. In previous instances, such because the Euler Finance hack, comparable outreach led to the partial restoration of funds.
Nameless sender tries to stress the attacker
Drift’s communication got here hours after an unknown sender utilizing the ENS identify readnow.eth additionally reached out to wallets linked to the attacker on Thursday by way of onchain messages.
The sender claimed to know the identities behind the assault and demanded a cost of 1,000 ETH in alternate for withholding info.
The claims couldn’t be independently verified and will symbolize an try to mislead or stress the pockets holder. The incident highlights how, alongside official communications, unverified messages can flow into onchain after crypto exploits.
Solana fallout retains spreading
In response to SolanaFloor, Drift’s exploit has to this point affected at the least 20 Solana protocols, together with the decentralized finance (DeFi) platform Gauntlet, which was estimated to be impacted to the size of $6.4 million.
Blockchain safety platform Cyvers mentioned the affect was nonetheless increasing as of Friday morning, with no funds being recovered 48 hours previous the assault.
Cyvers mentioned that the assault was doubtless a “weeks-long, staged operation,” noting that the attacker arrange sturdy nonces, a Solana characteristic permitting customers to pre-sign transactions for future execution, days earlier than the exploit.
Associated: Crypto hackers steal $169M from 34 DeFi protocols in Q1: DefiLlama
“This intently mirrors the Bybit hack, totally different approach, identical root concern: signers unknowingly approving malicious transactions,” Cyvers added.
Some trade observers, together with Ledger chief know-how officer Charles Guillemet, prompt the exploit might contain North Korea-linked actors, although particulars stay unconfirmed.
Journal: No person is aware of if quantum safe cryptography will even work
