Cypher Protocol Freezes $600,000 in Crypto Due to Security Flaw

Cypher Protocol, a decentralized futures exchange based in Solana, managed to freeze $600,000 worth of cryptocurrency on August 7 via a security flaw.

In a post on X (Twitter) on August 18, Cypher Protocol reported that, with the assistance of several independent blockchain investigators, more than half of the stolen funds have been effectively frozen across centralized exchanges.

“The return of these funds is contingent upon the cooperation of these CEXs and the issuance of seizure warrants by law enforcement,” it stated.

Cypher was exploited for approximately $1 million on August 7, causing the protocol to suspend smart contracts. The DeFi exchange facilitates lending and borrowing via primary accounts with multiple sub-accounts that are cross-collateralized.

Halborn, a blockchain security company, explained that the vulnerabilities prohibited accurate tracking of isolated sub-accounts and insufficient margin checks before borrowing.

Using multiple accounts, the attacker exploited these code vulnerabilities to steal an estimated $1 million worth of various crypto assets, including USDT, SOL, wETH, and a smattering of altcoins.

The team was able to contact the perpetrator on August 10 after offering a 10% white-hat bounty worth approximately $120,000.

Two days later, the protocol reported that the intruder had missed the deadline to return the funds and had made the reward public. They also alluded to partial knowledge of the exploiter’s identity.

Cypher announced a redemption plan and “socialized losses policy” for the distribution of remaining assets to affected users on August 16.

It was specified that a redemption package containing protocol assets would be distributed proportionally based on user share.

Screenshot from Cypher redemption package. Source: Cypherlabs

“The value used for redemption about a margin account will be based on a snapshot of the account’s assets at the time Cypher protocol was frozen,” totaling approximately 31 cents on the dollar, according to the statement.

In its most recent statement, Cypher thanked blockchain sleuth ZachXBT, stating that “he was indispensable to the Cypher team and the primary contributor in the initial freezing of funds across multiple CEXs, and also assisted in tracking down the attacker.”

According to the REKT database, the cipher exploit was the third-greatest in August.

DeFi protocol Zunami was the victim of a $2.1 million flash loan attack on August 13, while yield aggregation platform Steadefi was exploited for $1.1 million on August 7.