- Recently, Steadefi announced hackers took away some of their funds from their aggregation protocol. Apparently, the attack is still ongoing despite more than $334k being stolen from the heist.
- The developers behind the crypto aggregator offer a 10% bounty if the hackers return the stolen funds. However, they said they wouldn’t hesitate to throw a lawsuit if needed.
The latest crypto hack happened to Steadefi, an advanced crypto aggregator, on the 7th of August. Apparently, hackers came in contact with some of their central funding wallets and stole the funds. Now, Steadefi wants the hackers to come for a sort of agreement where the hackers get 10%, and they give them back 90%.
What is Steadefi?
Steadefi is a crypto protocol claiming the title of an advanced leverage yield aggregator. Apparently, this yield aggregator says investors can profit regardless of the market conditions.
In other words, whether it’s a bear or bull market, investors have the guarantee of making a profit. Also, Steadefi claims to provide different strategies for making profits on its platform. Additionally, those interested in their protocol will get automated risk management features.
Steadefi Gets Hacked?
Steadfi made the announcement on their Twitter account about the hack. Furthermore, they explained they sent a message to the hacker to initiate an agreement. Apparently, this agreement will lie on how to return the stolen funds. Steadfi told the hacker to keep about 10% of the stolen funds while returning 90% to the aggregator protocol.
But they reiterated taking legal action if the hacker fails to respond to messages sent through the wallet address. The hacker has from the day Steadefi sent the message to 10th August to respond to them. Failure to do so, they will start making plans for subsequent legal steps.
“You will have no risk of us pursuing this further, no risk of law enforcement issues, etc. If you choose not to partake in the voluntary return and complete the process by 10th August at 0800 UTC, we will expand the bounty to the public and offer the full 10% to the person who is able to identify you in a way that leads to your conviction in the courts. We will pursue you from all angles with the full extent of the law,” Steadfi said.
Already, the hacker stole the private key to the team’s deployer wallet, granting access to perform ownerOnly functions. More details show the hacker drained all loanable funds and paused farming contracts. Now those who deposited svTokens or ibTokens to farms have their funds stuck.
Is it an Inside Job?
From the comments on their Twitter page, many users are saying that the hack might be an inside job. In other words, someone on the team did the hack. Also, some patterns showed similarities with their announcement. It looked like a copy and past announcement. In fact, it was similar to a previous hack some days before.
And the Curved Finance hack indeed had similar announcements to Steadfi. Moreover, the statement released by Steady looked precisely the same as Curved Finance. Only their names and email addresses were different.
Wrapping up, the hack on Steadfi is still ongoing, although hackers took more than $334k of their funds. Moreover, Steadefi reached out to the hacker to make a repayment deal. Until now, there’s been no further update on the situation.