Lendf.me / Uniswap Hack sees $25M stolen then returned

51% attacks on blockchain lead to $20m of cryptocurrency theft ...

The weekend of 18-19th of April 2020, saw one of the largest crypto thefts in recent years. A huge amount of Ethereum & Bitcoin (ETH & BTC) was stolen, with a price of around 25,000,000 USD. This happened in multiple attacks believed to be from the same origin, an individual or group.

The hacker then returned a large part of the funds in a very strange twist, detailed below. But first, what Hack?

Lendf.me was the main target of the attack, it is a decentralised lending protocol, part of the DeFi stack of dForce.

Uniswap is an automated liquidity protocol for Ethereum, it facilitates the automated exchange of ERC-20 tokens.

Out of the two Lendf.me was much harder hit, with around 99% of the stolen amount being taken from their dApp.

The attacker essentially used a reentrancy attack, where an external function call is exploited by an untrusted contract in order to take funds out before the withdrawal request is verified or rejected. It was not a vulnerability of the blockchain itself, rather an exploit available in some renditions of the ERC-777 token standard.

This form of attack has been known about since at least early 2019. It was outlined here. ConsenSys detailed that the ‘Liquidity pool can be stolen in some tokens’ in the manner exactly as was used.

This highlights the importance of security audits and involved development, with more and more situations arising that have previously been documented and therefor avoidable.

The sites connected to these dApps are currently down whilst the postmortem is carried out. This attack reminds us we are still in the early days of dApplication development and usage and it will no doubt reiterate the importance of security going forwards.

On the 21st of April the funds were returned, being around:

$10M of ETH
$6.6M of USDT
$2.2M of Huobi BTC
$750K of USDC
$381K of HUSD
$137K of DAI
$132K of MKR
$126K of PAX

All totalling at around 20M. Following, is a snapshot showing the return transactions.


As people started to dig deeper into the attack they found some bread crumbs were left behind, digital identifiers remained and once these were being publicly pieced together the funds started to be returned. It is not clear whether the hacker had the original intention of returning the funds or if it was a reaction based in fear at his plan not being fully thought out.