DAO Maker
Published in

DAO Maker

DAO Maker Statement — Thursday, 12th of August

The rapid expansion of the DAO Maker has posed several challenges to the ecosystem. These include turbulence in project onboarding and changes to company structure.

Regretfully, we must announce that in the early hours of August 12th (approx. 1 AM UTC) DAO Maker faced malicious use of one of our wallets with access to admin privileges.

The cybercriminal, after tentatively testing this exploit and managing to steal 10,000 USDC, then proceeded to quietly make 15 more transactions.

In this manner, the hacker was able to siphon approximately $7M, until our security team was able to trace, contain and stop the drain of funds. A total of 5251 users were affected, losing $1250 USD on average per user.

Fortunately, users with up to $900 have remained completely unaffected.

We decisively moved the unaffected funds to a brand-new secure wallet, while users are still able to withdraw their funds unimpeded, should they choose to do so.

Cipher Blade, a leading blockchain forensics expert company, has been contracted and is doing everything possible to track down the criminal and return the stolen funds. They have already identified an implicated Binance account and are closely collaborating with Etherscan to learn more about the hackers' whereabouts. Additionally, all exchanges have been already informed of the hackers' wallet.

The SHO contract has always been a hotspot for potential risk, as it was used for every single SHO. This is the precise reason why DAO Maker put in place certain contingencies, such as capping the maximum individual deposit amount to $10,000 USDC.

Presently, the SHO contract has been secured in order to prevent situations like this from occurring in the future.

Pending a full RCA (Root Cause Analysis), all deposits have been deactivated.

A few words on the safety of our Vaults:

We want to assure our investors and supporters — the Vaults are safe and the hack has had no detrimental impact on our business. Absolutely no one, not even us, has the ability to upgrade the code or remove any DAO from the Vaults. As a CEO, this has always been one of my core principles for DAO Maker.

The Vault contracts themselves are standard farm contracts and were successfully audited by 4 different firms.

Outro

Over the next five days, DAO Maker will devise a set of solutions to alleviate the incurred damages and work in full force to bring the hacker to justice through the massive forensics investigation undertaken. All affected users will be informed via email and on their DAO log-in portal.

We want to thank our past and current clients who have been exceedingly supportive during this turbulent time.

Sincerely,

Christoph Zaknun, CEO of DAO Maker

--

--

--

We are pioneering organized decentralized ecosystems that efficiently leverage human capital.

Recommended from Medium

DefendAgainst: Ransomware ‘STOP’/DJVU

Phishing tales: Microsoft Access Macro (.MAM) shortcuts

THE SCIENCE OF ENGINEERING MALWARE

MYKEY Weekly Report 37 (February 1st~February 7th)

How Security Analytics Will Define the Success of the Internet of Things

Cyber Security Interview Questions and Answers

Top 10 Tips for Burp Suite

{UPDATE} Hidden Objects Lost Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
B. M.

B. M.

Hello

More from Medium

Beta Update: Leaderboard, NFTs, and Smart Bots

How to Register on Bybit Symbiosis Launchpad

AMA On tehMoonwalkeR’s High Table Telegram

How to use Yugen Finance