140 million and 96 private keys in nature – Vulcan Forged games no longer amuse anyone

Hacks, hacks everywhere… – In early November, decentralized finance (DeFi) hacks had caused the loss of more than $ 10.5 billion. An amount that continues to climb as the end of the year approaches, with new hacks every week. This time, wandering private keys are making the headlines.

Vulcan Forged Compromise: $ 140 Million Stolen

Vulcan Forged is an ecosystem of decentralized games, with several applications. Initially, the project was the origin of 6 blockchain-based video games. At the same time, the protocol created a platform for buying and selling NFT and a decentralized exchange.

In order to facilitate the adoption of its project, the Vulcan Forged protocol uses the service offered by Venly. This allows you to create the wallets for users. When creating a Vulcan account, the protocol will create wallets on Ethereum (ETH), Polygon (MATIC) and VeChain (VET).

On Monday, December 13, the Vulcan Forged teams have warned their users than 148 wallets had potentially been compromise.

In the end, it would seem that “Alone” 96 wallets were exploited by the attacker.

Once in possession of the private keys of these wallets, the attacker was able to steal the equivalent of 140 million dollars. It mainly took over PYR tokens, as well as some ETH and MATIC tokens.

>> Play it safe, subscribe to the FTX crypto exchange reference <<

Who to blame for the attack?

As we have seen, Vulcan Forged is based on the service offered by Venly for the creation of wallets for its users. However, the possibility of a flaw on the side of Venly was quickly discarded.

According to the words of Jamie thomson, CEO of Vulcan Forged, the attacker would have had access to Vulcan’s credentials on the Venly service, allowing him to extract the private keys:

“The Venly service, as far as we know, is doing well and has not been exploited. What happened was someone exploited our service. He got our Venly credentials and used them to extract the private keys of Vulcan Forged users. “

Following which Vulcan Forged announced its willingness to migrate to decentralized wallets, a feature that should be rolled out in the next 2 days. In addition, its teams directly announced a complete refund funds for aggrieved users. To do this, the teams drew on the protocol treasury.

Unlike many projects that found themselves in this scenario, Vulcan Forged demonstrated great speed and transparency in handling the attack. Thereby, more than half of injured users were reimbursed less than 24 hours after the attack.

Finally, the platform announced the establishment of a redemption (buy back) and of destruction (burn) PYR tokens, once the matter is settled.

Last week the protocol BadgerDAO was also the victim of an attack. In his case, the attacker managed to steal the equivalent of $ 120 million in cryptocurrency.

It has never been more important and urgent than today to better discover, and to expose yourself reasonably to Bitcoin and cryptocurrencies! To do this, the Journal du Coin advises you on the FTX platform. Going register on this benchmark crypto exchange, a lifetime reduction on your trading fees awaits you thanks to the JDC affiliate link.