• bitcoinBitcoin$95,173.51-1.47%
  • ethereumEthereum$3,339.75-0.48%
  • rippleXRP$2.19-2.46%
  • binancecoinBNB$680.562.58%
  • solanaSolana$183.870.25%

Flamingo Finance Details $5M Hack, Recovery Plan

Flamingo Finance Details $5M Hack, Recovery Plan

Flamingo Finance released a post-mortem to address the recent $5 million Poly Network exploit.

Following a significant security compromise, Flamingo Finance has published a comprehensive post-mortem report that addresses the recent exploitation of the Poly Network cross-chain CMCC bridge contract.

The Neo N3 blockchain’s cross-chain bridge was suspended, and its operations were impacted by the seizure of approximately $5 million in assets on August 12, 2024.

In partnership with Neo Global Development (NGD) and Poly Network, Flamingo Finance has initiated a comprehensive investigation and a series of recovery initiatives in response to this incident.

Poly Network Exploit: $5 Million Stolen Funds

The hacker exploited vulnerabilities in the smart contract and syphoned off approximately $4 to $5 million in assets due to the breach on August 12. The intrusion was explicitly targeted at the Poly Network CMCC contract.

The stolen funds, which included prominent tokens such as fUSDT, fWBTC, fWETH, fBNB, fCAKE, pWING, and pONT, accounted for approximately 20–25% of all cross-chain asset funds.

The bridge’s hot wallet was emptied of funds, while the cold wallet remained secure, averting an even more substantial loss.

In response to the compromise, Flamingo Finance and its partners promptly initiated an investigation to locate the stolen assets and freeze any wallets associated with the exploit.

The perpetrator has not yet returned the funds, despite efforts to encourage their return and the fact that a bounty has been offered.

Flamingo Finance remains optimistic that the assets can be recovered, although this outcome is not guaranteed.

The value of cross-chain f- and p-assets on the Flamingo platform has been substantially impacted as a direct consequence of the exploit.

The value of these assets is currently trading at approximately 75–80% of their unwrapped counterparts, which indicates the proportion of compromised funds.

Flamingo Finance’s Asset Support Initiative: A Route to Recovery

Flamingo Finance has implemented the Asset Support Initiative, a comprehensive recovery plan, to lessen the losses suffered by owners of the impacted f- and p-assets.

40,000,000 FLOCKS tokens, equivalent to 40,000,000 FLM (valued at approximately $2.5 million), will be distributed over two years as the foundation of the Asset Support Initiative.

Users who migrate their affected f—and p-assets to a new asset completely backed on the source chain will receive these tokens as compensation, guaranteeing a restored peg and increased stability.

The migration process is intended to enable users to exchange their existing cross-chain assets for new variants that are 1:1 equivalent to their unwrapped counterparts.

In addition to the new assets, users will receive FLOCKS tokens equivalent to 50% of their realised losses, distributed over 24 monthly payments.

This progressive compensation is intended to mitigate the financial impact and provide users with a means to recoup some of their losses over time.

Flamingo Finance has announced that FLOCKS token payments will cease if the stolen funds are recovered, and the assets will be returned to the affected users. This statement is made even though the breach did not involve their systems, but it still impacts user confidence.

It is important to note that this is not the first attack on Poly Network; in June 2023, a notable exploit was also reported, and Poly Network lost a minimum of USD 600.3 million in funds.

This month’s most recent assault is not the first. Similarly, the Ronin Network was also subjected to a security compromise that resulted in the loss of 3,996 Ether tokens, estimated to be worth an estimated $9.8 million.

The hacker’s intentions remain ambiguous, as the funds have not yet been returned, despite speculation that the breach was perpetrated by a white hat hacker known to return stolen assets after exposing security flaws.

Previous Article

Base Nears 4M Users in Onchain Summer campaign

Next Article

Ledn Gets $50M Bitcoin-Backed Loan From Sygnum Bank