Smart contract security audit-focused CertiK has announced that it has frozen $160,000 withdrawn from the Merlin decentralized exchange as a result of an exploit.
We have successfully frozen $160K of the stolen funds with the help of partners. We will continue to monitor the movement of all stolen funds in an attempt to freeze and recover the remaining amount.
— CertiK (@CertiK) May 4, 2023
“We will continue to monitor the movement of all stolen funds in an attempt to freeze and return the remaining amount,” CertiK representatives said.
On April 26, the platform’s main liquidity pools were drained. The team reported the exploit and advised users to revoke approvals for all smart contracts.
Merlin noted that user funds were taken out by several members of the technical team, organizing a scheme rug-pull.
CertiK also confirmed the developers’ involvement in the incident. The company has already turned to US and UK law enforcement agencies for help in the investigation.
“It was an internal struggle. Merlin insiders abused the privileges of the owner of the wallet. At first, we tried to cooperate with the remaining members of the Merlin team, but several people were unwilling to confirm their real identity, ”the security experts explained.
Previously, the Merlin team announced the development of a compensation plan together with CertiK. They also offered the alleged scammers to accept a reward of 20% of the withdrawn funds and return the rest.
In April, an attacker who stole about $9 million from the DEX SafeMoon liquidity pool on BNB Chain agreed to return 80% of the funds.
Stay in touch! Subscribe to CryptoNewsHerald.com at Telegram.