The attacker withdrew $ 15 million from Andre Cronje’s new DeFi project, using the ecosystem deployed for tests.
3/x 5. We posted the first clan "Spartans". And I went to bed.
6. Around ~3AM I was messaged awake to find out a) almost 15m was deposited into the contracts b) the contracts were exploited for the full 15m and c) 8m was sent to my yearn: deployer account.
— Andre Cronje (@AndreCronjeTech) September 29, 2020
Eminence is presented by the developers as an economy for a multi-game universe.
The day before, Cronje and the team completed the development of the project concept and deployed intermediate contracts on Ethereum to continue testing. They also published art teasers of the project.
Eminence was at least three weeks away from launch, Cronje said.
At night, he was woken up with a message that users had invested $ 15 million in contracts, which the attacker had completely withdrawn. The hacker returned the $ 8 million to Cronje by sending it to a deployment account on yEarn Finance.
He has already promised to distribute these funds among users based on a snapshot of balances before the hack.
As I am receiving a fair amount of threats, I have asked yearn treasury to assist with refunding the 8m the hacker sent. The multisig is safer and as such I feel more comfortable with them having the funds. Funds will be returned to holders pre-hack snapshot. //t.co/wbputn5hYD
— Andre Cronje (@AndreCronjeTech) September 29, 2020
Cronje noted that neither the contracts nor the ecosystem were final. He called its deployment a common practice of “testing in a product.”
A user in the comments noticed that Cronje retweeted one of the teasers of the project 15 minutes before the hack when he allegedly went to bed.
Well-known trader Alex Kruger drew attention to a certain sequence of actions:
- creating excitement;
- active promotion to attract the attention of investors;
- unfinished product launch;
- hack
As I am receiving a fair amount of threats, I have asked yearn treasury to assist with refunding the 8m the hacker sent. The multisig is safer and as such I feel more comfortable with them having the funds. Funds will be returned to holders pre-hack snapshot. //t.co/wbputn5hYD
— Andre Cronje (@AndreCronjeTech) September 29, 2020