Date:: May 17th, 2021
Amount Stolen:: $7,000,000
Tags:: 🔑 Admin Key Compromise, "Inside Job"
Private Key Compromise, Modified owner of contract
According to community feedback and data on the chain, the token FNX of the on-chain option agreement FinNexus has been minted, transferred or sold in a large amount in a short period of time, involving more than 300 million FNX tokens (approximately US$7 million) in BSC and Ethereum , Some users reported that the owner authority of the project contract was previously modified
It called it a smart contract hack but industry experts have refuted the claim, suggesting it was a stolen private key for the administrator account.
According to community feedback and data on the chain, the token FNX of the on-chain option agreement FinNexus has been minted, transferred or sold in a large amount in a short period of time, involving more than 300 million FNX tokens (approximately US$7 million) in BSC and Ethereum , Some users reported that the owner authority of the project contract was previously modified.
- 0x961918dcc6f1f78f93e357182614c791041f401e - Original Contract Owner
- 0x5ebc7d1ff1687a75f76c3edfabcde89d1c09cd5f - Exploiter
- 0xfceaaaeb8d564a9d0e71ef36f027b9d162bc334e - Also interacts with
- 0x714ba5cd1fd5176c2d206e5be5a972f734026661 - Deployed by
- 0xf4ace6ae2df8ef5dbccb3a118f072f8a80868fc7 - connect FinNexus <> bZx <> MetaPlay
- https://atozmarkets.com/news/latest-defi-hack-finnexus-protocol-exploited/
- https://cryptoslate.com/defi-tool-finnexus-fnx-plunges-by-90-after-hack-some-allege-an-inside-job/
- https://etherscan.io/tx/0x61f5518e9b9272f1d54fa864b8b297edb98dbbe5e1a4e16c9238ecb935e38ed0
- https://finance.yahoo.com/news/latest-defi-hack-drains-7-050841516.html
- https://finnexus.github.io/Pdfs/FinNexus_Whitepaper_en.pdf
- https://finnexus.io/
- https://genesisblockhk.com/what-is-finnexus/
- https://github.com/FinNexus/Pdfs/blob/master/PeckShield-Audit-FinnexusOptionsV1.0.pdf
- https://hacked.slowmist.io/en/?c=ETH%20DApp
- https://medium.com/finnexus/a-new-start-finnexus-compensation-and-security-enhancement-plan-3b693b581596
- https://medium.com/finnexus/finnexus-statement-regarding-the-may-2021-hack-d69e1b7617dc
- https://medium.com/phoenix-finance/a-new-start-finnexus-compensation-and-security-enhancement-plan-3b693b581596
- https://bsc.news/post/finnexus-contract-deployer-exploited-sending-token-in-a-90-spiral
- https://certik.org/
- https://quadrigainitiative.com/casestudy/finnexusfinished.php
- https://twitter.com/FrankResearcher/status/1394313296749076480
- https://twitter.com/fin_nexus/status/1394319411947864069
- https://twitter.com/fin_nexus/status/1396429323091865603
- https://twitter.com/fin_nexus/status/1394389850447482880
- Annex 95: Suspected DPRK cyberattacks on cryptocurrency-related companies (2017-2023) investigated by the Panel