This article comes from LinkedIn; the original author is Victor Fang of AnChain.AI. Compiled by Odaily translator Katie Ku.
Statement: This article is a real case, a DeFi million-dollar theft recently solved by the AnChain.AI team in San Francisco. Under the confidentiality agreement signed with the user, no personal information about the user is disclosed here.
01 The multi-million dollar cat lost in a quantum state: Schrödinger's Cat
Victor, are you there?
San Francisco, 8:27 p.m., I get a text from my investor friend.
I frowned. When VCs call me at night, it is either very good news or bad news.
My hunch told me it was bad news:
“My friend’s Metamask (Ethereum wallet) was hacked. It’s DeFi with millions of dollars in it.”
I replied: Tell them to call me.
A few minutes later, a phone number starting with 650 called. On the other end, Catherine explained what had happened in a trembling, anxious voice. She's a VC in San Francisco and her Metamask wallet had just been hacked.
At 9:00 that night, I called an emergency meeting with Tom and Ralph in attendance.
A day ago, Catherine fell into a social engineering scam trap, resulting in the theft of the Metamask Ethereum wallet and the disclosure of the private key.
The wallet was wiped out, and 4 ETH was transferred to the hacker's wallet.
The biggest problem is that the hacked wallet had $1.2 million of ERC20 USDC stablecoins deposited as collateral in a DeFi smart contract, following a liquidity-mining model (spreading funds across DeFi protocols to earn the highest returns).
The collateralized DeFi assets are still there, but the $1.2 million could disappear at any moment.
These collateralized assets are like Schrödinger's cat: lost in a quantum state, locked in a sealed, cold, hard box, just like the Copenhagen thought experiment. Only when the box is opened (by connecting the stolen wallet) do we learn whether the collateral is still there.
It was not clear whether the hacker knew about the collateralized DeFi assets, or had been secretly watching the wallet:
Assumption 1: The hacker already knows, and may be waiting for higher DeFi returns before acting.
Assumption 2: The hacker is unaware. But if we keep interacting with Ethereum, sooner or later the hacker will find these collateralized assets.
We could test it, and the answer would come.
But this method has a problem: the likely result is that curiosity kills the cat.
Most users come to AnChain.AI because their cryptocurrency has been stolen and they hope blockchain security services can reduce the loss. But by then it is usually too late; even with a last-ditch remedy we can only get part of the money back.
This DeFi theft, however, brought a new opportunity. If we played the game well, it was possible to recover the $1.2 million. In my reply email I wrote:
The money in your wallet can be stolen at any time, and you need the help of emergency response experts. Here are our suggestions, whether or not you choose our services in the end.
Disconnect from the network and turn off the computer.
Go online with a brand new computer.
Do not share private keys with anyone, including security companies.
As I wrote the last piece of advice, the phrase "Dark Forest" flashed through my mind.
At 7am, I woke up to a signed email that had been sent after 4am. It must have been a long night for Catherine. After verifying that the asset belonged to her, the emergency response team began working on the stolen wallet.
Ethereum is like a dark forest. The AnChain.AI team could feel the menacing green eyes staring at us from the dark forest we were about to enter, as if any of us could be its next prey. No one says it aloud, but we all know it. Whether the million-dollar Schrödinger's cat could be saved was the real question.
02 Analyzing the Devil in the Dark Forest: Hacker Characteristics
The most famous emergency response team in the world is FireEye Mandiant. They follow a principle-driven approach to security, and their principles were written down in a manual by CEO Kevin Mandia and his staff.
After I left FireEye Mandiant to start AnChain.AI, I brought those cyber security best practices with me and co-founded AnChain.AI's blockchain emergency response team.
Compared with network or cloud security, blockchain security presents its own challenges in the decentralized Wild West.
Emergency response faces two main problems: investigation and remediation. The purpose of the investigation is to answer one question: who is the hacker?
Hacker signatures are used to infer the hacker's TTPs: tactics, techniques and procedures.
What tools did the hackers use?
Computer forensics: besides the social-engineering phishing site, the attacker could also have compromised Catherine's computer with malware or other illegal means targeting the Metamask wallet extension in her Chrome browser.
Blockchain monitoring: investigate the hacker by tracing blockchain transactions and liquidity. AnChain.AI's CISO investigation tool visualizes the hacker's on-chain activity. I opened the CISO investigation tool and started researching the victim and hacker addresses. We saw no changes on the smart contract, only token transfers.
It looked like six people had already fallen for the hacker's phishing scam. The same trick appeared in the 2020 Twitter hack investigation, and the stolen funds in that case had already been moved to other wallets.
Thank God, our client's DeFi collateral was still there.
Where is the hacker address?
Unlike web servers, which record IP addresses and user-agent strings, the Ethereum ledger only records pseudonymous wallet addresses and smart-contract state. A quick Python script computes statistics for the relevant wallets and plots a probability density function of when the hacker is active. The results suggest the hacker may be based in East Asia.
Based on our profile, the demon of the dark forest is a geek based in East Asia who specializes in hacking computers, but very likely does not understand DeFi or smart contracts.
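The hour-of-day profiling mentioned above, as an added example (not AnChain.AI's script): it bins an address's transaction timestamps by UTC hour, measures how concentrated the daily rhythm is, and maps the circular-mean peak to a UTC offset under the assumption that a person is busiest around mid-afternoon local time; a flat profile gets no offset, which is itself a hint of automation. All timestamps are constructed.

```python
# Added example, not AnChain.AI's script: estimate where an operator lives from
# the UTC hours at which an address transacts. All timestamps are constructed.
import math
from datetime import datetime

# Constructed UTC timestamps of outgoing transactions from a fictional address.
SAMPLE_TX_TIMESTAMPS = [
    "2020-09-10T02:14:00Z", "2020-09-10T03:40:00Z", "2020-09-10T04:05:00Z",
    "2020-09-10T05:55:00Z", "2020-09-10T06:30:00Z", "2020-09-10T07:02:00Z",
    "2020-09-11T07:48:00Z", "2020-09-11T08:20:00Z", "2020-09-11T09:15:00Z",
    "2020-09-11T10:33:00Z", "2020-09-11T11:10:00Z", "2020-09-11T12:45:00Z",
]
# Constructed round-the-clock activity, one transaction per hour (bot-like).
BOT_LIKE_TIMESTAMPS = [f"2020-09-12T{h:02d}:30:00Z" for h in range(24)]


def hourly_pdf(timestamps):
    """24-bin probability density of activity by UTC hour of day."""
    counts = [0] * 24
    for ts in timestamps:
        counts[datetime.fromisoformat(ts.replace("Z", "+00:00")).hour] += 1
    total = sum(counts)
    return [c / total for c in counts]


def circular_stats(pdf):
    """Circular mean hour and concentration R (0 = uniform, 1 = a single hour)."""
    x = sum(p * math.cos(2 * math.pi * h / 24) for h, p in enumerate(pdf))
    y = sum(p * math.sin(2 * math.pi * h / 24) for h, p in enumerate(pdf))
    mean_hour = (math.degrees(math.atan2(y, x)) / 15.0) % 24
    return mean_hour, math.hypot(x, y)


def estimate_utc_offset(timestamps, local_peak_hour=15, min_concentration=0.3):
    """(offset_hours, R). Assumes a human is busiest around local_peak_hour.
    offset is None when activity is too flat to place, which itself hints at
    automation rather than a person at a keyboard."""
    mean_hour, r = circular_stats(hourly_pdf(timestamps))
    if r < min_concentration:
        return None, r
    offset = round(local_peak_hour - mean_hour)
    return (offset + 12) % 24 - 12, r   # normalise into [-12, 11]


if __name__ == "__main__":
    for name, ts in (("sample", SAMPLE_TX_TIMESTAMPS), ("bot-like", BOT_LIKE_TIMESTAMPS)):
        offset, r = estimate_utc_offset(ts)
        where = f"UTC{offset:+d}" if offset is not None else "no clear daily rhythm"
        print(f"{name}: R={r:.2f}, {where}")
```

The constructed sample peaks around 07:00 UTC, which the mid-afternoon assumption maps to UTC+8; the bot-like series has no usable peak at all.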
03 Making a Response Plan
The Art of War says: "Know yourself and know the enemy, and you will never be imperiled in a hundred battles." This forms the basis of our response plan.
Our goal is to move the $1.2 million in stablecoins to Catherine's new hardware wallet (somewhere safe).
Our greatest hope lies in the DeFi smart contract itself, so the emergency response team drew up the following plans:
Plan A: Can the assets be withdrawn to a different wallet, bypassing the stolen wallet?
Tomo received the code for the DeFi smart contract:
However, the withdrawal takes no recipient parameter; assets can only be withdrawn to the original wallet. Uniswap, notably, has anticipated this situation and provides for it.
Plan B: Can we freeze assets? In this way, hackers cannot transfer assets.
In DeFi governance, freezing is a key function.
But as the figure shows, for this stablecoin position the function does not apply to the transaction.
Plan C: Most well-designed DeFi has a “pause” admin button for emergencies.
However, pause only suspends the activity of a particular token contract; it does not apply to individual wallets and does not fit this theft.
Clearly this DeFi product had not considered such an emergency, which is disappointing.
Meanwhile, I also contacted the DeFi product team through their Telegram group, email, Twitter, LinkedIn and their investors. Desperate, perhaps, but they do have a solid reputation in the market.
However, we did not get the reply we hoped for (which is also what we expected), because poor customer service is a common problem with DeFi products.
As an avid fan of the Japanese manga Dragon Ball Z, I think of this Plan Z as the final ultimate move in the game: we will only know when we try it.
04 Plan Z: Precision Restorative Surgery
My colleague Dr. Anderson, a surgeon at the institute, never drank coffee the day before an operation, because caffeine affects his fingers. He once waved his hand, laughed, and told me he needed surgical precision.
Emergency response also requires precision, and excess tension will make the plan fail.
Plan Z is our last hope. Although it is full of risks, it breaks down into three simple steps:
Transfer ETH to the stolen wallet to cover transaction fees;
Withdraw the collateralized assets from the DeFi mining pool to the stolen wallet;
Move everything to a safe place.
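The three steps above, as an added example that is not the page's FrontrunDarkForest.py: it prepares the withdrawal and the sweep as ready-to-sign transactions with consecutive nonces at the same gas price, so the sweep can be broadcast the moment the withdrawal is mined, and sizes the ETH top-up to exactly the gas needed so the compromised wallet holds no spare ETH. The addresses, the pool's withdraw(uint256) signature and the gas limits are constructed assumptions.

```python
# Added example, not AnChain.AI's tool. Builds the two on-chain steps of Plan Z
# as ready-to-sign transaction dicts and computes the exact ETH top-up.
# Addresses, the pool's withdraw(uint256) ABI and gas limits are assumptions.

GWEI = 10**9
USDC_DECIMALS = 6
STOLEN_WALLET = "0x" + "11" * 20   # constructed placeholder addresses
SAFE_WALLET = "0x" + "22" * 20
USDC_TOKEN = "0x" + "33" * 20
DEFI_POOL = "0x" + "44" * 20

# First 4 bytes of keccak256 of the Solidity signatures (well-known selectors).
SEL_TRANSFER = "a9059cbb"   # transfer(address,uint256)
SEL_WITHDRAW = "2e1a7d4d"   # withdraw(uint256), pool ABI assumed


def abi_word(value):
    """ABI-encode a hex address string or an unsigned int as one 32-byte word."""
    if isinstance(value, str):
        return value[2:].lower().rjust(64, "0")
    return format(value, "064x")


def encode_call(selector, *args):
    """Selector followed by statically encoded arguments, as 0x hex calldata."""
    return "0x" + selector + "".join(abi_word(a) for a in args)


def build_rescue_txs(nonce, gas_price_gwei, usdc_amount, chain_id=1,
                     gas_withdraw=180_000, gas_transfer=65_000):
    """Return [withdraw tx, sweep tx] for the stolen wallet to sign, plus the
    wei of ETH to pre-fund it with (gas limit x gas price, nothing more).
    Consecutive nonces at one gas price keep the sweep right behind the
    withdrawal; the gap between the two confirmations is the attacker's window."""
    raw = usdc_amount * 10**USDC_DECIMALS
    price = gas_price_gwei * GWEI
    txs = [
        {"from": STOLEN_WALLET, "to": DEFI_POOL, "nonce": nonce, "value": 0,
         "gas": gas_withdraw, "gasPrice": price, "chainId": chain_id,
         "data": encode_call(SEL_WITHDRAW, raw)},
        {"from": STOLEN_WALLET, "to": USDC_TOKEN, "nonce": nonce + 1, "value": 0,
         "gas": gas_transfer, "gasPrice": price, "chainId": chain_id,
         "data": encode_call(SEL_TRANSFER, SAFE_WALLET, raw)},
    ]
    fund_wei = sum(t["gas"] * t["gasPrice"] for t in txs)
    return txs, fund_wei


if __name__ == "__main__":
    txs, fund_wei = build_rescue_txs(nonce=7, gas_price_gwei=200, usdc_amount=1_200_000)
    print(f"pre-fund stolen wallet with {fund_wei / 10**18:.4f} ETH, then sign nonces 7 and 8")
```

Signing and broadcasting would be done with web3 against a node; both transactions should be signed before the first is sent, so no interactive step sits between withdrawal and sweep.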
I explained the steps of the plan to Catherine and quickly realized that the plan was more reckless in practice than on paper. It sounded like a horror story: what if the hacker gets ahead of us? The key to Plan Z is speed; our automated defense mechanism improves our odds of winning. Let me explain.
From the analysis I derived a game-theoretic strategy enumerating all possible scenarios. When I face complex, uncertain situations, I like to analyze them this way.
The hacker may be unaware of our plan, may be quietly transferring assets to other wallets, or may have set up automation.
Even if the hacker uses automation, our engineers assured me we have an 80% chance of winning. Game theory puts our overall chance of winning this battle at 93%, which is quite high. But with such a large sum, the 7% failure rate is still nerve-racking. As mentioned earlier, Plan Z is all about speed. Specifically, our goal is to minimize the time lag between redemption and the transfer.
There are two key steps to this:
Redemption speed. The optimal miner fee is the key. In 2020, with the explosion of the DeFi market, Ethereum's transaction fees rose with the tide and earned notoriety. In June, the average gas fee even reached 700 ETH!
With a 33-second confirmation time, 200 Gwei already placed us at the top of the Ethereum transaction pool. Paying more than US$12.8 in fees to redeem a DeFi position hurts, but it is insignificant next to US$1.2 million. Every second counts.
Offensive tool: a Python script built on web3 that front-runs competing transactions in the Ethereum transaction pool, so that our ERC20 stablecoin transfer is mined first and lands in the safe place we set. See below for the front-running operation.
The offensive tool is ready; we named the file:
>> FrontrunDarkForest.py
(Note: Because of the offensive nature of the tool, we are skipping the technical details. But we may hold an Ethereum front-running themed contest next. Stay tuned @AnChain.AI)
05 Saving Schrödingers Cat
At 2 p.m., after two rehearsals, the million-dollar Schrödinger's cat rescue officially began.
After taking a deep breath, Catherine opened the DeFi redemption website, logged in to the Metamask wallet extension, and connected the stolen wallet to DeFi.
Soon, Catherine was screaming hysterically, tears welling up in her eyes.
"The balance is zero!? What's going on!?" The DeFi web page showed that the wallet's balance in the collateral pool was zero!
Everyone fell silent for a moment, even though the page had just shown the collateral. On calm analysis, the hacker may have checked the wallet's assets long ago; but we had seen no interaction with the smart contract earlier, so there was no way the hacker had taken the money.
I took a look at Catherine's DeFi web page: shouldn't the connected Ethereum address be displayed in the upper right corner?
"Can you try connecting the Metamask wallet again?"
Catherine held her breath, closed the browser, reopened the DeFi web page, and reconnected Metamask.
It showed that 1.2 million USDC was still in the pool.
Everyone breathed a sigh of relief and laughed at the absurdity of it all. But we had no time to discuss the irrational UI of a DeFi product with up to US$200 million of locked value. Tomo sent the Python script FrontrunDarkForest.py, transferred the ETH for transaction fees to the stolen wallet, and then signalled that our tool was ready.
Catherine clicked Withdraw, confirmed the 200 Gwei fee, and the transaction appeared on the Ethereum network.
Time seemed to stand still, only the beating of our hearts was heard.
With all the chips on the table, confidence can vanish in an instant.
Thousands of CPU miners around the world, across the SparkPool, Nanopool and F2Pool mining pools, scrambled for a piece of this transaction.
After 30 seconds, the smart contract withdrawal succeeded and the 200 Gwei insurance fee did its job. The FrontrunDarkForest.py script started running right away, and this message popped up:
[INFO] Advance transaction successful. Withdraw USDC to a safe location.
Three seconds later, the Ethereum block explorer confirmed the transaction. The USDC reached the designated safe wallet.
Technically, by 2:15 p.m. the emergency response was complete. It took just 33 seconds to rescue the $1.2 million Schrödinger's cat from the dark forest. The world was still at peace, and the demon of Asia was apparently still dreaming.
We waved goodbye and walked out of my office building. It was another sunny day in San Francisco; the soothing fragrance of osmanthus calmed me, and only when the early-autumn breeze brushed past did I realize my shirt was drenched with sweat.
The Tesla cruised peacefully down Highway 101, and I put on my favorite song, David Bowie's Starman, just like in the movie The Martian. The exotic Dorian mode instantly changed the mood of the universe, and then he sang:
Starman waits in the sky,
He told us not to screw it up,
Because he knows it will all be worth it.
The hacker will soon see this unusual Ethereum transaction, executed at lightning speed. He may feel that the Starman rescued Schrödinger's cat from his dark forest and returned it to its true owner.
06 Lessons Learned
In Part 1 of the emergency response bible [1], FireEye Mandiant and AnChain.AI advise you to "prepare for the inevitable". You won't be as lucky as Catherine; she only got help because she happened to know our investors. As a precaution, make sure you have at least one emergency response contact in your address book.
I have three questions for the anonymous DeFi team: when billions of dollars of assets are poured into liquidity pools, who do we contact for reliable customer support? To whom do we suggest better UI and UX? Who insures investors' critical assets, the way the FDIC does? I don't know what the future of DeFi banking will look like unless these three points get convincing answers. What do you think?
I would like to thank Daniel Robinson from Paradigm and Sue Xu from Amino Capital for their valuable feedback.
References:
[1] Jason T. Luttgens, Matthew Pepe, Kevin Mandia, "Incident Response & Computer Forensics, 3rd Edition", ISBN 9780071798686, McGraw-Hill Education, 2014
[2] Dan Robinson, https://medium.com/@danrobinson/ethereum-is-a-dark-forest-ecc5f0505dff
[3] Sam Sun, https://samczsun.com/escaping-the-dark-forest/