Bankless Times
Ethical hacker helps recover millions lost in StableMagnet rug pull

Daniela Kirova
January 31st, 2023
  • Most of the funds were recovered and returned to investors
  • Scam was tracked down to a group of Chinese people in Hong Kong
  • Police arrested the criminals in Manchester

An anonymous ethical hacker shared insights with CoinTelegraph into how he tracked down a group of DeFi scammers, who were behind the $27+ million StableMagnet rug pull. He got police authorities involved. Eventually, part of the funds were recovered and returned to investors.

Novel attack method

The rug pull relied on a novel attack method. Etherscan and BscScan do not verify library source code, which made it possible for the cybercriminals at StableMagnet to use a code library that was different from the one in the source code. No one checked the platform’s SwapUtils library.
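The check that was skipped can be sketched as follows. This is an added example, not code from StableMagnet or from the block explorers: it walks a contract's runtime bytecode, collects every embedded 20-byte address (the form in which the Solidity compiler links a library), and compares the code deployed at each one with bytecode rebuilt from the published library source. All addresses and bytecode are constructed, the function names are hypothetical, and the byte-for-byte comparison assumes a reproducible build.

```python
# Added example: all addresses and bytecode below are constructed sample data.

def push20_operands(runtime: bytes) -> list[bytes]:
    """Walk EVM bytecode opcode by opcode and return every PUSH20 operand."""
    found, pc = [], 0
    while pc < len(runtime):
        op = runtime[pc]
        # PUSH1..PUSH32 (0x60..0x7f) carry 1..32 data bytes that must be skipped
        size = op - 0x5F if 0x60 <= op <= 0x7F else 0
        if op == 0x73 and pc + 21 <= len(runtime):  # PUSH20: linked library address
            found.append(runtime[pc + 1:pc + 21])
        pc += 1 + size
    return found

def audit_libraries(runtime: bytes, onchain_code: dict, expected_code: dict) -> dict:
    """Classify every contract address embedded in `runtime`.

    onchain_code:  address -> runtime bytecode fetched from the chain
    expected_code: address -> runtime bytecode rebuilt from published source
    """
    report = {}
    for addr in dict.fromkeys(push20_operands(runtime)):  # de-duplicate, keep order
        deployed = onchain_code.get(addr, b"")
        if not deployed:
            continue  # no code at this address: a constant or a plain account
        if addr not in expected_code:
            report[addr.hex()] = "UNVERIFIED"  # nothing to compare against
        elif deployed != expected_code[addr]:
            report[addr.hex()] = "MISMATCH"    # deployed library differs from source
        else:
            report[addr.hex()] = "OK"
    return report

# Constructed sample: a contract that delegatecalls two linked libraries.
LIB_A = bytes.fromhex("aa" * 20)
LIB_B = bytes.fromhex("bb" * 20)
MAIN = (bytes.fromhex("6073")                     # PUSH1 0x73: data byte, not an opcode
        + b"\x73" + LIB_A + bytes.fromhex("5af4")  # PUSH20 LIB_A, GAS, DELEGATECALL
        + b"\x73" + LIB_B + bytes.fromhex("5af4")  # PUSH20 LIB_B, GAS, DELEGATECALL
        + b"\x00")                                 # STOP
ONCHAIN = {LIB_A: bytes.fromhex("600100"), LIB_B: bytes.fromhex("600200")}
EXPECTED = {LIB_A: bytes.fromhex("600100")}  # only LIB_A was rebuilt from source

if __name__ == "__main__":
    for address, status in audit_libraries(MAIN, ONCHAIN, EXPECTED).items():
        print(address, status)
```

Any address reported as UNVERIFIED or MISMATCH is code that the verified contract source says nothing about.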

StableMagnet misled investors into believing they would get high returns on stablecoin deposits. The platform made off with the millions invested by over 1000 users.

The ethical hacker was also a victim

Before the attack occurred, the vigilante hacker checked the code to make sure the project was legitimate as he was considering an investment himself. However, he missed a couple of tweets about vulnerabilities in the system.

He took the loss personally and set out to track down the scammers. He told CoinTelegraph in an interview:

I just felt like this was the only opportunity in my life — to have a very meaningful impact in a situation where most people are not going to have the time and the gusto to do that kind of thing.

He started by identifying a GitHub account and got to the scammers’ family members through social networks. Ultimately, the scam was tracked down to a group of Chinese people in Hong Kong. He also learned they were traveling to a Chinatown in Manchester.

He said he didn't want them to go to jail because he wasn’t keen on centralized authorities entering the decentralized world.

From Hong Kong to Manchester

Ultimately, he did get Manchester police involved, but not before buying a one-way ticket to the English city. To his dismay, the police reacted swiftly and even arrested some of the criminals. Part of the money was retrieved. The police found pieces of a USB device with around $9 million.

Subsequently, other members of StableMagnet cooperated with the ethical hacker and most of the funds were returned. He concludes:

Once that occurred, it was believable to the other project people (scammers) that I wasn't BSing about finding them and knowing where they were and being able to get them caught. It's not a good idea to scam, at least not on Binance Smart Chain.
