- Unizen, a DeFi protocol, experienced a security breach resulting in the loss of $2.1 million in user funds.
- Promptly, the platform announced plans to reimburse affected users, with refunds starting for those who lost $750,000 or less.
- Unizen is collaborating with law enforcement and forensic experts to identify the hacker and has committed to improving security measures in the future.
The DeFi protocol Unizen has declared its commitment to promptly refund users who fell victim to an exploit over the weekend. Following a compromise that led to the loss of approximately $2.1 million in user funds, the platform has pledged to reimburse users who lost $750,000 or less “as soon as humanly possible.”
Also read: This new AI-powered insurance platform merges NFTs and DeFi
Also read: Cryptography startup Zama secures $73M to enhance data privacy
Over $2 million had been drained
On March 9, blockchain analytics firm PeckShield identified an “approve issue” with the DeFi platform, revealing that over $2 million had been drained. Security advisories urged users to revoke approvals from the trade aggregator to prevent further loss. SlowMist, another security firm, estimated losses from the exploit to be around $2.1 million and observed that the attacker exchanged Tether for the stablecoin Dai.
The DeFi protocol offers a 20% bounty
Subsequently, the DeFi protocol initiated communication with the hacker through an on-chain message, offering a 20% bounty in exchange for returning the remaining stolen funds. They also disclosed ongoing collaboration with law enforcement and forensic experts to uncover the hacker’s identity. Despite ongoing bounty negotiations, Unizen swiftly began refunding victims of the hack, with plans to make 99% of affected users whole as soon as possible.
In their announcement, Unizen disclosed that founder and CEO Sean Noga provided funds to facilitate refunds, with reimbursements for users who lost below $750,000 commencing on March 11. Refunds will be issued in USDT or USD Coin. For users who lost more than $750,000, the protocol stated that they would address the matter on a case-by-case basis. Additionally, the company shared a video guide instructing users on how to review and revoke approvals within the platform to prevent further losses.
Sufficient evidence had been gathered
Unizen’s Chief Technology Officer, Martin Granstrom, affirmed that sufficient evidence had been gathered for a post-mortem report and confirmed collaboration with third-party firms on the investigation. Granstrom committed to sharing an incident report soon and vowed to enhance security measures in the future.
