Direct from the desk of Dane Williams.
I’m going to interrupt my regular blogging schedule today to talk about something that's been bothering me.
That of course being the fallout from the recent SafeMoon hack.
I am just flabbergasted by the fact the SafeMoon team is telling people that allowing them to keep 20% of it is some sort of reward for their work in finding a security flaw.
On what planet is this okay?
With that in mind, let's dive into what happened in the SafeMoon hack and why I’m so disgusted that the hackers are allowed to get away with it.
The sad thing is, this most recent SafeMoon hack is just one example of the many instances where hackers have gotten away with stealing from innocent investors.
In this case, the hacker drained $8.9 million worth of Binance Coin from SafeMoon, a decentralised finance (DeFi) protocol that runs on BNB Chain.
This was done by exploiting a flaw in the smart contract, which allowed the hacker to manipulate the system and steal the funds.
According to on-chain data, the hacker has agreed to return 80% of the stolen funds, valued at $7.1 million.
The remaining 20% will be kept as a bug bounty, which is a common tactic used by hackers to legitimise their theft.
The SafeMoon developers have also confirmed that no charges will be filed against the hacker.
Umm WHAT?!
You just rolled over and agreed to suck their dick because it’s your regular investors who bear the brunt of the damage.
This is really where I take the most issue with the situation.
Calling it a bug bounty is a cop-out.
These hackers are simply thieves stealing from the poor.
The fact that they are being allowed to keep a portion of the stolen funds as a reward for their illegal actions is outrageous.
In saying that however, this is not the first time that a DeFi protocol has been hacked and the hacker has negotiated to keep a portion of the stolen funds as a bug bounty.
In fact, this has become a common trend among teams in the DeFi space.
Teams argue that bug bounties motivate hackers to report bugs instead of exploiting them.
Of course the argument is flawed anyway.
It's one thing to report a bug and receive a reward for doing so, but it's another thing entirely to exploit a system and steal from innocent investors.
I mean if that money is coming from the pool you stole from, it doesn't really work, right?
Bug bounties should not be used as an excuse to legitimise theft.
The fact that the hacker in this case is able to keep 20% of the stolen funds is unacceptable.
Sitting down to write this blog post, I am filled with frustration and anger at the fallout from the recent SafeMoon hack.
I find it simply APPALLING that the hackers have returned only a portion of the stolen funds and have otherwise gotten away with it.
As a memecoin, likely at the majority expense of regular mum and dad investors.
Appalling.
What's even worse is that the SafeMoon team got to be the ones to sell out their investors in the pool and had the hide to call it a bug bounty.
What a complete and utter cop-out.
I mean come on, at least have the sack to call it what it really is:
Allowing your community of n00bs who you sucked in with your scammy name, to be stolen from.
Gah, livid!
Anyway, thank you for coming to my TED Talk…
Best of probabilities to you.
Posted Using LeoFinance Beta
I've heard lower percentages, like ten percent or less, in other hack incidents. Hackers are heightening the bar.
Are you saying that in your opinion 10% or less is okay?
It's not a bounty, it's theft of users' funds.
I'm still mad after writing this post haha.
2%-3% can be reasonable. It's like a security check :) The system is battle tested by competent thieves :)
Lol, I was expecting you to suggest that most of these hackers are inside men, but since you didn't, I'll say it:
Some of the hacks are officiated by the team to steal from the users.
Ha, I wasn't even thinking along those lines.
I'm already mad at the SafeMoon team for accepting this and passing the costs onto their community.
Now I think my head is going to explode with rage.
SafeMoon is a scam.
They will be giving more power to hackers to do the same. Instead of just reporting a bug, everyone would try to hack and get some juicy rewards from it. I think the concept of the bounty reward is flawed. 20% is too much!
I'm disgusted.
Whether it's 20% or 2%, a theft is a theft, but the hackers are smart; legitimizing the money is the only way they tend to truly get away with the crime. As for SafeMoon, I'm still thinking if there's any other viable solution other than just agreeing to the hacker's terms.
I didn't even think of this angle, but you're 100% correct!
That is why it is important not to invest everything in this asset class. It is decentralized and we need to deal with this type of behavior from hackers.
Yep, it is what it is...
I get your point and you are right, it's fishy AF. They should press charges and talk to exchanges to freeze funds; that way they neither give anything to the hacker and they could consider it a burn if possible, so it somehow compensates the community. They basically paid a ransom for the funds the hacker stole, but I don't think this will go away any time soon since a big part of the population still doesn't care about crypto.
The thing is, there's always someone in some random jurisdiction willing to let people withdraw no matter what.
Where there's a will, there's a way for the hackers to get the money out :(