Shezmu Hack Exposed The 5M Heist and Its Partial Recovery
News 

Shezmu Hack Exposed The 5M Heist and Its Partial Recovery

Shezmu, a decentralized finance (DeFi) protocol, recently fell victim to a heist where a thief managed to exploit a vulnerability in the protocol’s vault system and make off with $5 million. However, Shezmu was able to negotiate with the hacker and recover a significant portion of the stolen funds. Here’s a breakdown of what happened:

The Vulnerability: Unrestricted ShezUSD Borrowing
The hacker took advantage of a vulnerability in one of Shezmu’s vaults that allowed them to mint collateral without any restrictions. While exploiting this vulnerability, the hacker was also able to take numerous ShezUSD loans and drain approximately $5 million from the platform.

Negotiating with the Hacker
After the attack, Shezmu initiated dialogue with the hacker and offered a 10% bonus if the stolen tokens were returned. The hacker responded by demanding a 20% bonus, and Shezmu agreed to the terms. This can be considered a “white hat” settlement, as it prevented further losses and avoided legal disputes.

Recovering the Stolen Funds
Within a day, the hacker began returning the stolen assets. Initially, they returned DAI, as well as 419.18 ETH, including wETH. Shezmu has assured users that it will recover all remaining funds and restore the stolen capital.

Supporting Impacted LPs
Shezmu has outlined its strategy to support the LPs (liquidity providers) affected by the hack. Screenshots of LPs holding ShezUSD and ShezETH paired assets on platforms like Curve, Balancer, and Beefy will be taken. These LPs will receive an airdrop of 80% of the recovered funds to compensate for their losses. The remaining 20% will be obtained by selling debt tokens, which will be redeemed using protocol fees and treasury assets.

Recovery Mode for Balancer ShezETH Pool
In addition to recovering the stolen funds, Shezmu has activated the recovery mode for its Balancer ShezETH pool. This allows LPs to withdraw their investments in proportion to their initial deposits but restricts any new deposits or swaps on the pool. Shezmu plans to release a post-mortem report on the incident and the measures it is implementing to prevent future hacks.

Tags
Hack

Leave a Reply

Your email address will not be published. Required fields are marked *