About the Security Incident

Cryptonian · May 24, 2024, 3:45am

ALEX Security Incident Brief
https://x.com/ALEXLabBTC/status/1791020176332230988

Dear Community
We want to keep everyone informed about the recent attack and our ongoing efforts to address the situation with ALEX. Yesterday, we became aware of an exploit using compromised private keys obtained via a phishing attack. The exploiter was able to drain some assets from the ALEX protocol. We are prioritizing supporting our community and will share more detailed figures as open efforts to freeze funds progress.

KEY POINTS
Affected Assets: The exploiter conducted a targeted attack, taking over as the admin of one of the vaults associated with ALEX liquidity pool (https://explorer.hiro.so/txid/0x17d6c0f925134dbb75fa74d61dff9c20e681f37c834a7125717307af6825e4c6?chain=mainnet…) and affecting all assets in that vault (https://explorer.hiro.so/txid/SP3K8BC0PPEVCV7NZ6QSRWPQ2JE9E5B6N3PA0KBR9.alex-vault-v1-1?chain=mainnet…), including about 13.7 million STX, of which about 3 million was sent to various CEXs with the amount increasing and the balance remaining on a few wallets.

So far, we recovered all aBTC, sUSDT, xBTC, xUSD, ALEX, atALEX, LiSTX, LUNR, SKO, CHAX, $B20, ORDG, ORMM, ORNJ, TRIO, TX20 and STXS.

The smart contract code and infrastructure underlying ALEX were not compromised.

Monitoring and Actions
The exploiter’s wallets are being closely monitored, and all relevant centralized exchanges (CEXs) have been notified.
All known CEX accounts associated with the exploiter are frozen. Furthermore, all those exchanges have been requested to stop all deposit and withdrawal functions until further notice. In support of the effort to trace the stolen funds, we have set up multiple alarms to monitor all suspected addresses suspected to be created by the exploiters for the movement of funds.

Fund Recovery
A portion of the stolen funds have been identified and are in the process of being recovered from one CEX.
We are actively working through the required processes with other CEXs to facilitate the return of additional funds. Legal Measures: In further efforts to recover the stolen funds, we are preparing to file a police report to obtain police support on our recovery efforts if the exploiter does not come forward to cooperate with us in time.

Topic		Replies	Views
Update on the ALEX Incident Investigation Security Incident	1	79	June 25, 2024
ALEX Security Update Aug 19, 2024 Security Incident	1	63	August 19, 2024
Disclose ALEX team's asset transparently and allocate it to users Security Incident	16	365	May 26, 2024
Proposals on Current Treasury Program : Summarizing Community Feedback Security Incident	1	286	May 28, 2024
Proposal for Addressing the Alex Security Incident and Compensation Plan Security Incident	3	169	May 30, 2024

About the Security Incident

Related topics