Dego Finance Key Compromised
Dego Finance offers a foundation for NFT projects to acquire users, distribute tokens, and auction or trade NFTs. It was a relatively unknown project when it came under attack, apparently due to compromised keys. The entire liquidity pool was drained and the funds were successfully mixed through Tornado Cash. While the project initially stated an intention to reimburse affected users, its communication has so far been cryptic and no plan has come forth.
This is a global/international case not involving a specific country. [1][2][3][4][5][6][7][8][9][10][11][12][13]
About Dego Finance
"DEGO Finance is an NFT+DeFi protocol and infrastructure with two functions: The project acts as an independent and open NFT ecosystem drawing users to the blockchain space. The NFT Suite offers services covering the full NFT lifecycle, enabling anyone to issue NFTs, participate in auctions, and trade NFTs."
"DEGO Finance is also building an NFT protocol to provide a cross-chain Layer 2 infrastructure. By building on multiple blockchains such as Binance Smart Chain, Ethereum, and Polkadot, DEGO Finance enables blockchain projects to acquire users, distribute tokens and develop more diverse NFT applications." "Recently, DEGO has embarked on a new journey on GameFi and will input more on R&D of Blockchain Games, Tokenisation of Game Assets, Asset Lending, and more."
"For the uninitiated, Dego Finance saw the light of day in 2020 and offered both DeFi and NFT tools. It claimed to be an open-NFT ecosystem that allowed users to mint non-fungible tokens, initiate NFT mining in addition to auctions and trading."
"It also offers a cross-chain infrastructure to facilitate blockchain ventures to ramp up the user base, distribute tokens, as well as develop more diverse NFT-based apps. In March 2021, Binance announced listing the project in the Innovation Zone."
"At 3 AM UTC 10th/Feb/2022, we detected abnormal change of DEGO price on DEX and centralised exchange too." "$10M taken from Dego Finance and their partner Cocos-BCX."
"The hacker has drained DEGO pairs liquidity provided by the team on UniSwap and Pancake Swap, subsequently stealing 2613.40 BNB, 378.76 ETH and 492,316.41 DEGO tokens." "The hacker also hijacked DEGO’s Minting contract and minted a total of 1,185,164.71 DEGO tokens." "The exploiters withdrew more than $10 million from @dego_finance & @CocosBCX!"
"The team looked into this anomaly and quickly concluded there has been a well-organised hacking event from approx. 11:29 PM UTC 9th/Feb/2022, targeting DEGO team addresses hosting DEGO tokens and DEX liquidity (DEGO/ETH, DEGO/BNB)."
"We have just found out that our address providing liquidity on @UniSwap & @PancakeSwap was hacked hence DEGO pairs liquidity provided by the team was drained. We have already contacted operation team @binance, @kucoincom, @gate_io. They have closed deposit on DEGO."
"Dego have claimed this to be a case of compromised keys." "Dego Finance’s official Twitter handle claimed that its own address providing liquidity on popular decentralized exchanges – Uniswap and PancakeSwap – was compromised. As a result, DEGO pairs liquidity provided by the team was drained."
"We've always been there. Today is a sad day. We are investigating the cause and trying to recover the loss."
"Attacker’s address (0x118…c91) obtained assets worth more than $2.4 million on BSC, more than $4.9 million on ETH. Even assets on Cronos 196,256.723USDT and 199,401.967USDC were exploited."
"The hacker used Tornado.Cash to mix funds." "The Hacker liquidated 1,288,233.59 DEGO tokens through an instant exchange service (DEGO Price fell by 12.90% from $4.42 — $3.85 by 12 PM UTC 9th/Feb/2022), which operates accounts on centralised exchanges and offers No-KYC service. Some of the proceeds were converted to BTC and XMR." "Dego Finance’s token, DEGO took a severe beating following the hack. It slumped by almost 20% from $4.50 to $3.65 in the wee hours of Thursday morning."
"The team contacted major exchanges in private and made public announcements on Twitter to warn all centralised exchanges. We were lucky to receive a quick response from some exchanges that they have shut down DEGO token deposits temporarily to shield users from potential damage on markets."
"Post the news, different exchanges such as Binance, Kucoin, and Gate.io shut all deposits of its native governance and equity token, DEGO. The protocol urged Uniswap, Poloniex, PancakeSwap, WazirX, etc., to do the same to offset the losses."
"After going through all team addresses, we have rescued a good amount of DEGO tokens and stored them somewhere safe."
"We engaged SlowMist and Certik and PeckShield teams for professional advice and solutions." "We worked with EtherScan team and some of the hacker’s addresses have been marked."
"Second, we have also heard a lot of conspiracy theories, and we would like to clarify that the team’s assets suffered the most financial loss in this incident, making us the biggest victim. We have been working hard on solutions and are pursuing help from law enforcement."
"A total of 602,562.35 DEGO tokens are still in the hacker’s possession but cannot be liquidated in major exchanges since the lockdown."
“We’ll keep all stakeholders updated on the latest developments, as well as talk to reputable security teams on how to identify the hacker and retrieve loss. We would ask the hacker to come forward and communicate.”
"After the incident, we are happy to receive people's caring messages and helping hands. We'll keep all of you updated on the latest developments while working on a solution for remedy."
And posting interesting quotes: "Do you believe that there's an alternative self in parallel time&space? If each parallel world is a light, how many lights do you think are still on? Does the external world still exist? From an idealist view, when our consciousness disappears, the world will disappear."
"Despite their poor security decisions, the DEGO price chart shows a steady recovery, perhaps due to their large following on Twitter (~194K) and other medias."
"Since the attack, Cocos-BCX have switched ownership to a multi-sig."
What Happened
| Date | Event | Description |
|---|---|---|
| February 10th, 2022 1:31:00 AM MST | Main Event | |
Total Amount Lost
The total amount lost has been estimated at $10,000,000 USD.
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
General Prevention Policies
The way to protect the project was simple: use a multi-sig. The problem appears to have come about because there was only one key, and that key was compromised. Our framework proposes that uninsured user funds be placed in an offline multi-signature wallet, held by known, trained individuals.
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- Rekt - Dego Finance - REKT (Feb 18, 2022)
- https://dego.finance/home (Feb 21, 2022)
- What is dego.finance - dego.finance (Feb 22, 2022)
- @dego_finance Twitter (Feb 22, 2022)
- DeFi hack: DEGO Finance loses over $10M, urges exchanges to stop all deposits - AMBCrypto (Feb 22, 2022)
- @PeckShieldAlert Twitter (Feb 22, 2022)
- @dego_finance Twitter (Feb 22, 2022)
- To Dego Community Summary Of The Event After A Thorough Investigation And Efforts (Feb 22, 2022)
- @dego_finance Twitter (Feb 22, 2022)
- Breaking: Binance Listed DeFi Protocol DEGO Finance Hacked (Feb 22, 2022)
- Morioh (Feb 22, 2022)
- DeFi Project Dego Finance Hacked: Exploiters Reportedly Drain Over $10M (Feb 22, 2022)
- https://coinmarketcap.com/currencies/dego-finance/ (Feb 22, 2022)