Crypto on-chain crime drama sees the good guys finally win

Published at: Dec. 21, 2022

The stories about people getting their private keys hacked or stolen are nothing new, and users have reportedly lost their life savings because of these thefts. However, in quite an anti-climax scene, a crypto user managed to save their crypto holdings despite losing the private keys.

Harpie, an on-chain security firm,  revealed an instance of on-chain crime drama where the good guys eventually won. One of the users in their discord group reportedly raised concerns about the suspected theft of their private keys. When the firm looked into the said customer’s wallet, someone was indeed trying to transfer funds from the victim’s accounts

How did we do this?About a month ago, this user protected their tokens with Harpie.By approving and protecting their tokens with Harpie, this user gave us permission to intervene if we ever spotted a theft on their wallet.5/7 pic.twitter.com/33KYDKZeO1

— Harpie (@harpieio) December 20, 2022

However, the security group managed to act fast and move the victim’s funds to a non-custodial address before the hacker could transfer those funds. This contract allowed the victim to recover their lost tokens from a different, uncompromised wallet. The security firm was able to do so by offering a higher gas fee for transferring the victim’s address.

This was only possible because the victim protected their tokens with Harpie, allowing the security firm to intervene whenever a case of possible theft came to their attention. The firm said:

“When we detected the malicious transfer, we moved this user's funds to a noncustodial vault before that transaction could confirm by paying a higher gas fee.”

The on-chain security firm said that they have recovered about $700,000 worth of stolen funds and acts as an on-chain firewall for the community.

Related: 10,000 BTC moves off crypto wallet linked to Mt. Gox hack

While what Harpie did was all about timely intervention and required access to the user’s wallet, there have been several instances where the crypto community has come together to retrieve stolen funds and nonfungible tokens as well. As Cointelegraph reported in May, the Solana community came together to “scam” a scammer in order to get back some stolen NFTs.

With blockchain and distributed ledger technology powering a majority of the cryptocurrencies, the tracking of any form of stolen funds becomes easier. On the other hand, stealing funds is only the first step for exploiters and it might take them years to move a small portion of funds, and there have been instances where they were caught even then.

Tags
Related Posts
Uranium Finance developer suspected of ‘leaking’ information leading to $50M exploit
The $50 million exploit of Uranium Finance, a decentralized finance protocol on Binance Smart Chain, may have been an inside job, according to a member of the project’s development team. The theory was put forward in Uranium Finance’s Telegram channel by a user named “Baymax,” who appears to be listed as an administrator. In a pinned post, Baymax explained that the security flaw leading to the exploit happened just two hours before version 2 of the protocol was launched. The suspicious timing of the exploit narrows down the list of potential perpetrators significantly. Baymax explained: “There are a total of …
Blockchain / April 28, 2021
Trident Crypto Fund Data Breach: 266,000 Passwords Stolen
In a major privacy breach, the usernames and passwords of more than a quarter of a million Trident Crypto Fund customers have been stolen and published online. Technical director of cybersecurity firm DeviceLock Ashot Oganesyan told Russian news outlet IZ the database — which contains email addresses, cellphone numbers, encrypted passwords and IP addresses — had been uploaded to various file sharing websites on February 20. Earlier this week, hackers decrypted and published close to 120,000 of the passwords, potentially enabling them to log into affected users’ accounts and access their funds. 10,000 Russians affected Oganesyan said that while attacks …
Blockchain / March 6, 2020
What is a seed phrase and why is it important?
How to keep your seed phrase safe A crypto seed phrase in the wrong hands can do damage, so it is advisable to always ensure it is safe. The following are some tips for ensuring your seed phrase is secure. Never share your seed with anyone else: It’s extremely important that you never reveal your recovery phrase to anyone. Why? Because if someone else finds out your recovery phrase, they will be able to access — and therefore control — your crypto funds. Make a note of it on paper and keep it in a secure location: This is the …
Blockchain / Aug. 27, 2022
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022
Developers could have prevented crypto's 2022 hacks if they took basic security measures
Users losing funds due to malicious activity is hardly unknown on Ethereum. In fact, it is the very reason researchers recently developed a proposal to introduce a type of token that is reversible in the event of a hack or other unsavory behaviors. Specifically, the suggestion would see the creation of an ERC-20R and ERC-721R, which would be modified versions of the standards that govern both regular Ethereum tokens and nonfungible tokens (NFTs). The premise goes like this: this new standard would allow users to make a “freeze request” on recent transactions that would lock those funds until a “decentralized …
Technology / Nov. 13, 2022