Solana-based decentralized futures exchange Cypher Protocol halted its smart contract after an estimated $1 million exploit.
On Aug. 7, Cypher alerted its 13,500 followers on X (formerly known as Twitter) that it had experienced a security incident and had therefore frozen its smart contract.
The team added it is investigating the cause of the exploit and has reached out to the hacker to negotiate a potential return of stolen funds.
Cypher has has experienced an exploit/security incident. The smart contract has been frozen.
The team is currently working with individuals and investigating
To the hacker: We are writing to see whether you would be open to speaking with us about any potential next steps.
— cypher ©️ (@cypher_protocol) August 7, 2023
According to data from Solana blockchain explorer Solscan, the wallet suspected to be tied to the exploit stole approximately 38,530 Solana (SOL) tokens as well as $123,184 USD Coin (USDC) — netting a total of $1,035,203 in illicitly gained funds.
Total balance of stolen funds in the Cypher attackers’ wallet. Source: Solscan
In the hours following the exploit, the alleged wallet transferred 30,000 USDC to Binance’s Solana USDC address “kiing.sol” in a possible attempt to cash out the stolen funds.
The alleged hacker transferred 30,000 USDC to Binance. Source: Solscan
Since the exploit, a number of NFTs have been sent to the wallet requesting the return of the funds.
“Seriously though, you used Binance and KuCoin to fund and to try and get 30k out. People will find you. Please do the right thing and give the rest back,” read one NFT.
Another NFT-based message to the attacker was more curt, simply writing “give it back you shitlord.”
Related: ‘All funds are at risk’ — Steadefi exploited in ongoing attack
At the time of publication, the alleged hacker has yet to bridge any Solana-based funds to the Ethereum network.
The attack comes amid Cypher Protocol’s mtnDAO hacker house event, which it co-hosts with fellow Solana protocol Marginfi. Marginfi wrote in its Telegram that it remains independent from Cypher and had not been impacted by the attack.
Cointelegraph has reached out to Cypher Protocol for more details but did not receive an immediate response.
Read also: Deposit risk: What do crypto exchanges really do with your money?