Crypto lender Shezmu recovers hacked funds through negotiation

Shezmu recovers $5 million in stolen funds after negotiating with the hacker, while WazirX faces challenges tracking down $230 million.
Shezmu recovers $5 million in stolen funds after negotiating with the hacker, while WazirX faces challenges tracking down $230 million.

Leveraging yield protocol, Shezmu recovered nearly $5 million of stolen funds within hours of successfully negotiating with a hacker.

On Sept. 21, Chaofan Shou, the co-founder of blockchain analytics firm Fuzzland, alerted against a compromised storage vault belonging to Shezmu. While uncertain if the incident was a rug pull or a genuine hack, Shou confirmed that roughly $4.9 million worth of cryptocurrencies was stolen in the process.

Source: Chaofan Shou

Shezmu later confirmed that one of its ShezmuUSD (ShezUSD) stablecoin vaults was exploited and proactively urged the hacker to return the funds in exchange for a bounty reward with no legal repercussions.

Source: Shezmu

Shezmu requested the return of 90% of the stolen funds within 24 hours through an onchain message. The protocol would involve law enforcement only if the hacker decided not to comply. 

Shezmu hacker demanded 20% white hat bounty

The hacker responded to the request by demanding a 20% bounty reward instead of the initial 10% offer, which Shezmu agreed to.

Shezmu’s team negotiates the return of stolen funds with the hacker. Source: Etherscan

Within hours, Shezmu began receiving the stolen Dai (DAI) tokens in its wallet. The hacker initially returned 282.18 Ether (ETH) to the protocol and followed it up with another refund of 137 Wrapped Ether (WETH).

Source: Shezmu

However, not all funds were recovered at the time of writing, and the Shezmu team urged investors to limit their interactions with the protocol’s Oasis vault until further updates.

Related: BingX confirms ‘minor’ losses amid panic over hot wallet movements

WazirX struggles to track $235 million stolen funds

On the other end of the spectrum, Indian crypto exchange WazirX has made no progress in tracking down its $230 million stolen funds 60 days after being hacked.

WazirX did not admit to the hack and continues to blame its custodian, Liminal, for losing the funds. Refuting this claim, Liminal announced on Sept. 9 that it had undergone an independent audit by multinational professional services firm Grant Thornton.

The audit found that Liminal did not find any evidence of the cyberattack originating from Liminal’s web apps or its back-end and front-end structures.

Source: CoinSwitch

Most recently, WazirX faced legal threats from its customers, the most notable of which was another rival Indian crypto exchange, CoinSwitch. The company initiated legal action against Wazir to recover 2% of its funds, worth approximately $6.2 million. 


Magazine: What Solana’s critics get right… and what they get wrong