Since its inception, the cryptocurrency industry had to deal with scams and fraudulent activities. Reports claimed that 2019 was a crucial year for these events as the industry witnessed a surge in the number of people using weak security gateways and ignorance.
Lendf. Me, the popular cryptocurrency lending platform was attacked on April 19, leading to more than $25 million in losses. Almost all of the stolen funds have recently been recovered with Chief Executive Officer [CEP] Mindao Yang thanking partners, investors, and law enforcement agencies for their efforts.
In a new release, Lendf.Me claimed that all hacked funds from the exchange were moved to a separate recovery account. The recovery account has an address of 0xc88fcc12f400A0a2cEbE87110dcDe0dAFD29F148 with a current balance of 512.62 ETH. The organization’s development team has been working on auditing asset data through internal data and third part cross-checking, important aspects of ensuring proper safeguards.
The officials close to the developments added that they were also planning to establish an asset distribution plan and corresponding risk management procedure. This will ensure that the accuracy and security of the distribution process are maintained. Lendf.Me is also working to finalize a post-asset-redistribution action proposal to put the qualms of people at rest. According to an official release from the company:
“The Lendf.Me smart contracts were compromised during the attack. As a result, we indefinitely paused the Lendf.Me contract and built a new Asset Recovery System to return the stolen assets to users. Following the return of the stolen funds, all assets have been stored in a cold wallet. The funds are secure, and we’re eager to return them.”
Since the hackers were only able to exchange a few of the stolen assets, Lendf.me has decided to rebalance a majority of the portfolio back to its last known state before the attack. Lendf.Me’s outstanding supply and borrow balance snapshot was taken on April 19 at a block height of 9,900,772. According to the organization, all the user’s supply and borrowing outstanding will be valued against the aforementioned snapshot.
Lendf.Me users who only supplied have the option to trigger the withdrawal process automatically from the platform’s workings. The current settlements will be conducted on a first come first serve basis because of the large influx of requests. Users who had borrowed from the platform will have to follow three steps to assess their asset recovery.
Once these users check their supply and borrow status, they will be required to repay the outstanding borrowed assets before retrieving collaterals. After the users pay back the full amount, all collaterals will be returned by Lendf.Me to the respective user accounts. Lendf.me claimed that they will be doing everything that they can to restore all functions back to normal as soon as possible.
During the initial hack, Lendf. Me was not the only company affected, as it was accompanied by UniSwap. The latter used both the Lendf.me protocol built on top of DeFi as well as the imBTC protocol. While Lendf lost $25 million in assets, Uniswap had to deal with losses of between $300,000 and $1.1 million.