White Hat Hacker Recovers 81% of $2.26M Stolen from Foom Cash

TechFlow
Summary
A recent exploit against Foom Cash, a decentralized anonymous lottery protocol, resulted in the theft of $2.26 million. White hat hacker Duha discovered a vulnerability in the Groth16 verifier setup that allowed forged proofs. Duha and Decurity recovered $1.84 million (81%) from Base and Ethereum. Foom Cash awarded a $320,000 bounty to Duha and $100,000 to Decurity. The incident has triggered a protocol update to prevent future attacks.

According to Cointelegraph, the decentralized anonymous lottery protocol Foom Cash lost approximately $2.26 million due to a security exploit, but a white-hat hacker intervened in time to recover $1.84 million (about 81% of the stolen funds). The security incident stemmed from a critical error during Foom Cash’s deployment, specifically involving a misconfiguration of the Groth16 verifier, which allowed attackers to submit forged proofs. The white-hat hacker, known as Duha, identified the vulnerability and swiftly secured the funds on the Base chain, while the security firm Decurity handled the rescue of funds on Ethereum. In return, Foom Cash paid the white-hat hacker a $320,000 bounty and Decurity a $100,000 security fee.
