The attack was a "classic price manipulation" exploit, according to the Ironblocks security firm. The attacker was able to steal 1,152 ETH ($2.13 million) from the protocol. They then tumbled the stolen funds through Tornado Cash.
Lin had created a project called "FrensTech", which aimed to capitalize on the popularity of a product called "friends.tech", and which ultimately accumulated the 14 ETH in fees before he decided to drain liquidity. Lin had not tried to conceal his identity. After the rug pull, Uniswap founder Hayden Adams wrote on Twitter: "Wanted to let people know this person is no longer with the company. Not behavior we support or condone."
Lin was unapologetic, tweeting: "got fired from uniswap, but gained 600 new followers and [crypto Twitter] villain status. net neutral tbh".
SpiritSwap was previously one of the most popular DEXes on Fantom, boasting an all-time-high of $374 million in January. It now has less than $3 million TVL, thanks in part to the Multichain collapse and to the broader cryptocurrency bear market.
SpiritSwap is only the most recent project to announce its closure as a result of the Multichain fiasco. In July, Geist Finance and Hector Network also announced they would be shutting down due to Multichain contagion.
Nevertheless, when Distrust disclosed this to Libbitcoin, the team replied first that they were too busy, then twice that "they do not feel this is a bug".
The research team has not yet disclosed which wallets were affected by the vulnerability, but they have estimated that around $900,000 were stolen as a result.
The project undertook a vote to shut down the lending service, and use remaining funds in the project treasury to try to compensate those who lost funds in the attack. The project also aims to distribute to victims of the hack claims on any funds that might be returned or otherwise recovered in the future.
The vote passed with 99% of votes in support, effectively sunsetting the project.
- "April 2023 Exploit Response Vote", Snapshot
"Jobless and a bit poorer, thanks guys!" he wrote. "You're passionate about its technology, you wanna be part of it. You DCA. You hodl. You do everything you can to do things right... you're passionate, love the space, the tech. The people. Your willingness to get a job in Web3 is enormous! I stand for on-chain values, and I wanna be a part of the wave!" he wrote in frustration, trying to explain how he'd gotten scammed. "The apparent legitimacy of these [web3 job listing] sites made me remove the 'watch out filter', and boom."
Bitsonic halted its services in August 2021, claiming "internal and external issues". However, even after halting withdrawals, Shin continued to offer cryptocurrency to new clients.
The project attempted to contact the hacker to negotiate the return of some of the funds. Meanwhile, various community members sent NFTs to the attacker wallet, requesting the return of the funds. One of them tried to convince the hacker, writing that they believed the attacker's identity could be discovered because they used centralized exchanges with KYC to try to withdraw funds. Another simply said "give it back you shitlord".