Mixin Network offers $20M bug bounty to hackers in $200M hack

cointelegraph.com:

Mixin Network, a decentralized cross-chain protocol, in a message to the hacker behind the $200 million exploit on Sept. 23, has offered a $20-million bug bounty for the return of the remaining funds.

Mixin Network encrypted the message with the exploiter transaction, requesting the exploiter to return the funds as the majority of the stolen funds were user assets.

Mixin Network confirmed the exploit on Sept. 25, claiming the exploiters managed to breach a third-party cloud service provider, which resulted in the theft of nearly $200 million of assets from the platform.

[Announcement] In the early morning of September 23, 2023 Hong Kong time, the database of Mixin Network's cloud service provider was attacked by hackers, resulting in the loss of some assets on the mainnet. We have contacted Google and blockchain security company @SlowMist_Team…

Feng Xiaodong, founder of Mixin, said at the time that the company would reimburse affected users up to a “maximum of 50%,” with the remaining amount being handed back in bond tokens that the business would then repurchase with its earnings.

Mixin is yet to offer full details about what led to the exploit, but an on-chain analytic platform highlighted a history of the hacker’s interactions with Mixin Network. The hacker-associated address 0x1795 received 5 Ether (ETH) from Mixin in 2022.

Related: Remitano exchange hacked for $2.7M; $1.4M frozen by Tether

While it is still unclear how the exploiters managed to steal $200 million worth of assets through a data breach, cross-chain protocols in the decentralized finance (DeFi) space have been the target of some of the biggest exploits in crypto history. One report indicates more than half of all DeFi exploits occur on cross-chain