The wallet stolen by the hacker has 1.2 million USD in USDC pledged in the liquidity pool. The key to the problem is how to transfer the funds without disturbing the hacker.
Original title: “The Adventures of DeFi Dark Forest, I Recovered Million Dollars Like This”
Written by: Victor Fang, CEO of AnChain.AI
Translation: Katie Gu
This article is a real case of “DeFi Million Dollar Theft” recently solved by the AnChain.AI team in San Francisco. Based on the signed user confidentiality agreement, no personal information about the user will be involved here.
A multimillion-dollar cat lost in a quantum state-Schrodinger’s Cat
“Victor, are you there?”
San Francisco, at 8:27pm, I received a text message from my investor friend.
I frowned. Usually when I receive a call from VC at night, there is either a special good thing or bad news.
My hunch tells me that it should be bad news:
“My friend’s Metamask (Ethereum Wallet) was hacked. It was invested in a DeFi project with millions of dollars in it.”
I replied: “Let them call me.”
A few minutes later, a phone number beginning with “650” called. At the end of the phone, Catherine explained what happened in a trembling anxious voice. She is a VC investor in San Francisco, and her Metamask wallet has just been hacked.
At 9 o’clock that night, I called an emergency handling meeting. Tomo and Ralph attended the meeting.
One day ago, Catherine fell into a social engineering scam trap, which resulted in the theft of the Metamask Ethereum wallet and the disclosure of the private key.
The wallet was washed and emptied, and 4 ETH were transferred to the hacker’s wallet.
The biggest problem is that the hacked wallet has pledged 1.2 million U.S. dollars of ERC20 USDC stablecoin on a DeFi smart contract, and it adopts a liquid mining model (investing funds into different DeFi protocols to earn the most Return).
The pledged DeFi assets are still there, but the $1.2 million may disappear at any time.
These mortgaged assets are like Schrodinger’s Cat: just like the Copenhagen quantum experiment, they are lost in a quantum state and locked in a sealed, cold hard box. As a result, only when the box was opened (connected to the stolen wallet), it was known whether the mortgaged assets were still there.
We still don’t know if the hacker knows the existence of the DeFi assets being mortgaged, or if he has been observing the wallet secretly:
Assumption 1: Hackers have known for a long time. Maybe they are waiting for higher DeFi revenue before doing it?
Assumption 2: Hackers do not know. But if we keep interacting with Ethereum, sooner or later hackers will discover these collateralized assets.
We can test it, and the answer will appear.
But this method also has problems. It is likely that curiosity kills the cat in the end.
Most users find AnChain.AI because their cryptocurrency has been stolen, and want to save as much as possible through blockchain security services. But usually it’s too late for this situation, although we can only get back a portion of the money as a final remedy.
But the theft of DeFi has brought us new opportunities. If we play this game well, it is possible that 1.2 million US dollars will be lost and recovered.
I wrote in my reply email: “The money in your wallet may be stolen at any time. You need to request the help of an emergency handling expert. The following are our suggestions, regardless of whether you ultimately choose our company’s services.
- Disconnect the network and turn off the computer.
- Use a brand new computer to go online.
- Do not share the private key with anyone, including security companies.
- Do not connect your wallet with any DeFi products.
When I wrote the last piece of advice, the word “dark forest” flashed through my mind.
At 7 o’clock in the morning, I woke up and saw a signed email that was sent after 4 o’clock in the morning. This night must be particularly long for Catherine. After verifying that the assets belonged to her, the emergency response team began to deal with the stolen wallet incident.
As described in Liu Cixin’s science fiction novel The Three-Body, the “Dark Forest Law” believes that if a civilization is very afraid of other civilizations, they will eventually dare not reveal each other’s problems because they are worried that they will be immediately treated as The potential threat is destroyed.
Ethereum is like a dark forest. The AnChain.AI team can feel that the forbidding green eyes in the dark forest we are about to explore are staring straight at us, as if anyone could become its next prey. Although no one made this request, we all knew it well. Whether it can save the million-dollar Schrödinger cat is the key to the problem.
Analyzing the demons of the dark forest: hacker characteristics
The most famous emergency response team in the world is FireEye Mandiant. They abide by the principle of network security first. CEO Kevin Mandia and employees have written a principle manual.
After I resigned from FireEye Mandiant, I founded AnChain.AI. I brought the best network security practical experience and co-created AnChian.AI’s blockchain emergency response project team.
Compared with network or cloud security, blockchain security has revealed its unique challenges in the decentralized West.
Emergency response mainly faces two problems: investigation and handling.
Among them, the purpose of the investigation is to find the answer: “Who is the hacker?” Hacker characteristics are to infer the hacker’s TTP-including theft techniques, techniques and procedures.
What tools did the hacker use?
Computer surveillance: In addition to social engineering phishing websites, through malicious software and illegal means, the Chrome browser Metamask wallet plug-in of Catherine computers can also be used to invade computers.
Blockchain surveillance: Investigate hackers by setting up software related to blockchain transactions and liquidity. The Chief Information Officer (CISO) survey tool visualizes the hacker’s on-chain activity trajectory. We did not notice any changes in smart contracts, except for token transactions.
I opened AnChain.AI’s CIO survey tool and started researching the addresses of victims and hackers. It seems that six people have fallen into the trap of hackers’ phishing scams. The same technique occurred in the Twitter hacker investigation in 2020, and the funds stolen in the theft case have been transferred to other wallets.
Thank God, fortunately, the DeFi mortgage assets of our customers are still there.
Where is the hacker address?
Unlike web servers that can track IP addresses and user agent strings, the Ethereum blockchain ledger can only anonymously record wallet addresses and smart contract status. The fast-running Python script calculates relevant wallet statistics, and then displays the probability density function when the hacker is active. The displayed results indicate that the hacker may be in East Asia.
The probability distribution graph helps us find the best prime time. If the incident response is initiated too early or too late (understanding the hacker’s situation too early), the hacker may already know the existence of the emergency response team. If a hacker finds us, then our plan will be ruined. In order not to attract the attention of criminals, our best time is from 10 am to 8 pm Eastern Time.
According to our description of the Black Forest Demon, this is a geek in East Asia who is good at hacking computers. But it is very likely that this person does not understand DeFi and smart contracts.
Develop a response plan
“The Art of War” said that “knowing yourself and the enemy will never end in a hundred battles.” This laid the foundation for our response plan.
Our remedy is to transfer 1.2 million US dollars of stablecoins to Catherine’s new hardware wallet (a safe place).
Our greatest hope lies in the DeFi smart contract, especially the plan formulated by the emergency response team:
- Plan A: Can the assets inside be withdrawn to a different wallet and bypass the stolen wallet?
Tomo received the code of the DeFi smart contract:
However, there is no recipient of the withdrawal, and the asset can only be withdrawn to the original wallet. It is worth mentioning that Uniswap has taken this situation into consideration and set up relevant response procedures.
- Plan B: Can we freeze assets? In this way, hackers cannot transfer assets.
In DeFi governance, freezing is a very critical function.
But as shown in the figure, for stablecoins, this function is not locked in transactions.
- Plan C: Most well-designed DeFi has a “pause” management button to deal with emergencies.
However, setting a “suspend” can only suspend the transaction of a certain token contract, not suitable for personal wallets, and not suitable for this theft.
Obviously, this DeFi product has not considered this kind of emergency, which is really disappointing.
At the same time, I also contacted the Telegram group, email, Twitter, LinkedIn and their investors of the DeFi product team. It may be desperate, but they do have a good reputation in the market.
However, I did not get a response as expected (this is also what we expected).
Because poor customer service is a common problem of DeFi products.
We replied to Catherine: “Unlucky. We just summed up three solutions to save your losses directly from the DeFi wallet. In the end, only Plan Z is suitable. But this plan is risky. Are you ready?”
As a big fan of Japanese comics “Dragon Ball Z”, I think this plan Z is just like the trick in the game.
Plan Z: Precision Repair Surgery
My colleague, Dr. Anderson, is a surgeon at the Institute. He never drinks coffee the day before he has an operation. Because caffeine will affect his fingers. He once waved his hand and laughed and told me that he needed surgical precision.
Emergency handling also requires “precision repair”, and excessive tension will lead to failure of the plan.
Plan Z is our last hope. Although full of risks, it can be simply divided into the following three steps:
- Transfer ETH as a handling fee to the stolen wallet;
- Withdraw the pledged assets from the DeFi mining pool to the stolen wallet;
- All go to a safe place.
I explained the whole plan to Catherine, and quickly realized that the plan was more reckless than theoretically written. It sounds like a terrorist plan: “What if the hackers act one step earlier than you?”
“The key to Plan Z is speed. Our automatic defense mechanism will increase our chances of winning. Let me explain first.”
From the analysis, I summed up a game theory strategy, enumerating all the possible options. When I face complex and uncertain things, I like to use this method of analysis.
The hacker may not be aware of our plan or is quietly transferring assets to other wallets, or set it up automatically.
Even if the hacker uses automatic settings, our engineers assure me that there is an 80% chance of winning. Game theory shows that we have a 93% chance of winning this battle, which is a high probability. But facing such a large sum of money, the 7% failure rate is also very stressful.
As mentioned earlier, Plan Z is all about speed. Specifically, our goal is to minimize the time difference between redemption and transaction. This is divided into two key steps;
1. Redemption speed. The best fee for miners is the key. In 2020, due to the explosion of the DeFi market, Ethereum’s handling fees have risen and become infamous. In June, the average gas fee even reached 700 Ether!
2. Within the verification time of 33 seconds, 200 Ether is already the number one transaction fee in the Ethereum transaction pool for us. The handling fee of more than 12.8 US dollars when redeeming DeFi products makes me feel distressed, but it is very insignificant compared to 1.2 million US dollars. Every second is critical.
3. Offensive tools: The Python script on web3 performs illegal pre-transactions in the Ethereum trading pool for adversarial transactions, so our ERC20 stablecoin transactions can be performed first in the mining pool and transferred to our set Safe place. Please see below for related operations on illegal pre-trading.
The offensive tool is ready, we will name the file:
FrontrunDarkForest.py
After we tested the Rinkeby testnet, plan Z was ready to be completed.
(Note: Due to the offensive nature of the tool, we have passed the technical details in one stroke. However, we may hold an Ethereum pre-trading themed contest next. Please pay attention to @AnChain.AI)
“Save Schrodinger’s Cat”
At 2 pm, the million-dollar “Schrodinger’s Cat” rescue plan officially started after two tests.
After taking a deep breath, Catherine opened the DeFi redemption website, logged in to the plug-in of the metamask wallet, and connected the stolen wallet to DeFi.
Soon, Catherine began to scream hysterically, tears coming from her eyes.
“The balance is zero!? What’s the situation!?”
The DeFi webpage shows that the balance of the wallet in the mortgage pool is zero! Everyone was silent for a while, but it was just revealed that they had pledged assets. After rational analysis, the hacker may have checked the wallet’s assets long ago. But we didn’t see smart contracts at the beginning, and hackers have no way to steal this money.
I took a look at Catherine’s DeFi webpage, shouldn’t it show the connected Ethereum address in the upper right corner?
“Can you try to connect to the Metamask wallet again?”
Catherine held her breath, closed the browser, reopened the DeFi web page, and reconnected to Metamask.
It shows that 1.2 million USDC is still in the mining pool.
Everyone breathed a sigh of relief, everyone laughed at all this absurdity. But we don’t have time to discuss the irrationality of the UI of this DeFi product with a lock value of up to 200 million US dollars.
Tomo sent the Python script FrontrunDarkForest.py to transfer the ETH transaction fee to the stolen wallet, and then showed that our tool is ready.
Catherine clicks “Withdraw”, confirms the 200 Ether fee, and the transaction is displayed on the Ethereum network.
Time seemed to stand still, only our heartbeat was heard.
When all the chips are in front of us, confidence will suddenly disappear at this moment.
Thousands of CPU miners around the world in SparkPool, Nanopool and F2Pool mining pools are desperately trying to get a share of this transaction.
After 30 seconds, the smart contract withdrawal transaction was successful, and the insurance premium of 200 Gwei took effect.
Soon, the script FrontrunDarkForest.py started running, and this message popped up:
[INFO] The advance transaction was successful. USDC is withdrawn to a safe location.
After 3 seconds, the Ethereum browser confirmed the transaction. USDC arrives in the set secure wallet.
Technically speaking, by 2:15 pm, the emergency response task has been completed. It took only 33 seconds to rescue Schrödinger’s cat, which cost $1.2 million from the Black Forest. The world is still peaceful, and the “Demon of Asia” is clearly still in the dream.
We waved goodbye and walked out of my office building. It was another sunny day in San Francisco. The soothing fragrance of sweet-scented osmanthus calmed me. Only when the autumn breeze blew over me did I realize that my shirt was covered with sweat.
Tesla drove peacefully on Highway 101, and I started playing my favorite song, David Bowie’s “Starman”, just like in the movie “The Martian.” The exotic Dorian mode instantly changed the atmosphere of the universe, and then sang:
Star Superman is waiting in the sky,
He told us not to mess up,
Because he knows everything will be worth it.
I recalled Catherine’s bright smile when she saw the $1.2 million cryptocurrency on the hardware wallet address. She asked, “What would the hacker feel when he saw this?
Hackers will soon see this unusual Ethereum transaction happening at lightning speed. He might think that “Superman Star” has rescued Schrodinger’s cat from his dark forest and handed it over to the real owner.
Learned experience
In Part 1 of the “Emergency Response Bible” [1], FireEye Mandiant and AnChain.AI recommended “preparing for the inevitable.” You will not be as lucky as Catherine, it is only because you happen to know our investors. To take precautions, make sure you have at least one person from the emergency response team in your contact list.
Beware of social engineering scams. Catherine was hacked by a phishing website that tricked and stole her private key. As shown in Figure 1, she is not the only victim. Don’t think you are always smarter than hackers. Again, under no circumstances should you reveal your private key or password, those 12 or 24 words, remember?
I have three questions for the anonymous DeFi team: When billions of dollars of assets are injected into the liquidity pool, who will we contact to obtain reliable customer support? Who do we recommend a better user interface and user experience? Who can provide insurance for investors’ critical assets like the Federal Deposit Insurance Corporation? I don’t know what the future of DeFi banking will be, unless these three points can give me a convincing answer, what do you think?
I would like to thank Daniel Robinson of Paradigm and Sue Xu of Amino Capital for their valuable feedback.
Quote:
[1] Jason T. Luttgens, Matthew Pepe, Kevin Mandia, “Incident Response & Computer Forensics, 3rd Edition”, ISBN:9780071798686, McGraw-Hill Education, 2014
[2] Dan Robinson, https://medium.com/@danrobinson/ethereum-is-a-dark-forest-ecc5f0505dff
[3] Sam Sun, https://samczsun.com/escaping-the-dark-forest/
Source link: www.linkedin.com
