Binance Seizes Over $450,000 Worth of Crypto Stolen in Curve Finance Phishing Hack, Working with Law Enforcement Funds Return Funds to Customers

Following the frontend attack on the DeFI crypto exchange Curve Finance on Tuesday, Binance managed to seize over $450k worth of crypto asssets stolen in the phishing hack. The amount represents approximatley 84% of the sum stolen however the crypto exchange. Fixed Float also seized about 112 ETH tokens currently valued at about £212k brining the total assets recovered to 100%. Binance founder and CEO Changpeng Zhao stated that Binance is working closely with law enforcment to return the assets to the victims.

Binance Recovers Curve Hack Proceeds

Binance has traced and seized most of the assets stolen in this week’s Curve Finance exploit.

Binance froze/recovered $450k of the Curve stolen funds, representing 83%+ of the hack. We are working with LE to return the funds to the users. The hacker kept on sending the funds to Binance in different ways, thinking we can't catch it. 😂#SAFU https://t.co/Ekea9moeAw

— CZ 🔶 Binance (@cz_binance) August 12, 2022

The exchange’s ounder and CEO Changpeng Zhao announced on Twitter today that the firm had recovered about $450,000 worth of cryptocurrencies stolen in this week’s frontend exploit on decentralized exchange Curve Finance. According to Zhao, the frozen proceeds represent about 83% of the total sum stolen in the incident.

“The hacker kept on sending the funds to Binance in different ways, thinking we can’t catch it,” he said, adding that the exchange was already working with law enforcement to return the funds to users.

Previously, the Lightning Network-based cryptocurrency exchange Fixed Float froze about 112 ETH, currently worth around $212,000. “Our security department has frozen part of the funds in the amount of 112 ETH,” Fixed Float tweeted Tuesday. The two seizures, in aggregate, bring the asset recovery up to 100%, meaning all victims that lost money in the front-end attack on Curve can be fully compensated.

Curve was exploited for about $573,000 on August 9. The attacker spoofed the Domain Name Service of Curve’s frontend, redirecting users to a phishing site that tricked them into approving a malicious smart contract. After the unsuspecting victims approved the transaction, the hacker was able to steal crypto assets directly from their wallets. Following the incident, the attacker began sending batches of stolen ETH to multiple addresses in an attempt to obfuscate the funds’ origin before transferring the money to centralized exchanges to cash out.

However, the attacker apparently did a poor job of hiding the source of their stolen ETH, as effectively all of it has been seized by Binance and Fixed Float.

Photo: Bryan van der Beek/Bloomberg