The DeFi community woke up to the news of a hacker draining $15 million from untested and unaudited codes of Andre Cronje’s latest project. Cronje, who happens to be the Founder of Yearn.Finance, was working on a new economy for a gaming multiverse, called Eminence, and wasn’t planning on releasing the project for at least another three weeks.
Following which he revealed deploying staging contracts on ETH to continue developing on it. The unaudited version was launched on the decentralized platform, Uniswap. Cronje tweeted the project’s logo last night.
— eminence.finance (@eminencefi) September 28, 2020
However, he woke up in the middle of the night to find that almost $15 million was deposited into the contracts as speculators driven by FOMO rushed in to purchase the platform’s native EMN tokens.
A hacker discovered a rogue function that allowing the minting of unlimited EMN tokens, burn an equal amount of EMN tokens against another crypto-asset, and sell that to those rushing in to buy the token. The hacker went ahead and exploited the flaw in the contracts leading to a loss of $15 million. In a rather bizarre event, Cronje revealed that the hacker returned over $8 million of the stolen funds to his own deployer contracts.
The returned funds will be directed to all those who rushed into buying the EMN token. Despite this, he continued to receive threats. Revealing the same, Cronje tweeted,
“As I am receiving a fair amount of threats, I have asked yearn treasury to assist with refunding the 8m the hacker sent. The multisig is safer and as such I feel more comfortable with them having the funds. Funds will be returned to holders pre-hack snapshot.”
Following this episode, the developer urged the community to wait for official announcements and further added,
“Given some of the responses, let me be clear, do not use random contracts I deploy unless I reference it in a medium article. The contracts I deployed yesterday were purely for myself to engage with, both GIL and EMN are staging and will not be used.”