Cross-chain protocol Mixin Network has offered the hacker behind the $200 million exploit a $20 million bug bounty reward to return the stolen assets.
Mixin Woos Hacker With $20 Million Bug Bounty
According to blockchain security firm Peckshield, the bug bounty offer was communicated as an on-chain message, with Mixin urging the bad actor to give back the loot, most of which belongs to platform users.
Related Reading: Another Crypto Exchange Has Been Hacked Just 3 Days After CoinEx
The message read:
Most of our platform assets were users’, and we hope you can refund them. You can keep $20M of the assets as a BUG Bunty Reward for the BUG. Contact us via bug@mixin.one for the reward details.
A bug bounty refers to compensation that developers offer to individuals for uncovering or reporting software bugs. It is usually employed as an incentive for ethical hackers to discover program vulnerabilities before bad actors do.
Mixin Network, who suffered a $200 million exploit on Sunday, is now using this strategy to negotiate a return of most of the stolen assets. According to an announcement on Monday, the cross-chain protocol confirmed that the heist occurred as a result of an attack on the database of its network cloud service provider.
This marks the third time in the last week that a crypto project was affected by an attack on a third-party provider after NFT marketplace OpenSea and on-chain analytics platform Nansen suffered similar fates.
So far, the project’s founder, Xiaodong Feng, has assured users that up to 50% of all stolen funds will be restored. Thereafter, the remaining debt will be settled via bond tokens, which Mixin will purchase back from users in the future. Meanwhile, all withdrawal and deposit services on Mixin still remain suspended.
Mixin Shares Latest Update On Investigation
Following the hack on Sunday, the developers of the cross-chain protocol confirmed via a post on X on Wednesday that it contracted Google and blockchain security firm SlowMist to aid in its investigative efforts.
[Update]The first time the incident occurred, we contacted Google (Mandiant) and blockchain security company @SlowMist_Team to assist with the investigation.
After several days, we have completed most of the asset tally work, and the situation is much more optimistic than… https://t.co/ySOHCkGK7t
— Mixin Kernel (@MixinKernel) September 27, 2023
In this post, Mixin claims to have almost finalized its asset count, and the situation looks much better than expected, as the losses are lesser than initially calculated.
The statement read:
After several days, we have completed most of the asset tally work, and the situation is much more optimistic than expected. The losses are not as significant as estimated.
Related Reading: CoinEx sheds light on hack investigation, withdrawals and compensation plans
The cross-chain protocol also urged users to stay off the network for now to avoid further losses.
At the time of writing, XIN, a native token of Mixin, trades at $147.01 with a 4.19% gain on the last day, showing signs of recovery from its crash on Sunday. However, on the 7-day chart, the token remains in the red zone with a 32.57% loss in market value.