{"id":126202,"date":"2025-04-01T03:16:03","date_gmt":"2025-04-01T03:16:03","guid":{"rendered":"http:\/\/cryptospotters.net\/?p=126202"},"modified":"2025-04-01T03:16:03","modified_gmt":"2025-04-01T03:16:03","slug":"sir-trading-begs-hacker-to-return-255k-or-no-chance-for-us-to-survive","status":"publish","type":"post","link":"http:\/\/cryptospotters.net\/?p=126202","title":{"rendered":"SIR.trading begs hacker to return $255K or \u2018no chance for us to survive\u2019"},"content":{"rendered":"<p>Source: Cointelegraph.com NewsThe founder of the recently hacked decentralized finance protocol SIR.trading has made an emotional plea to the attacker, asking them to return around 70% of the stolen customer funds otherwise, the protocol will not survive.<br \/>\n\u201cHere is my proposal, keep $100k as a fair share for your critical bug find, and return the remaining,\u201d SIR.trading\u2019s pseudonymous founder \u201cXatarrer\u201d wrote in a March 31 onchain message to the attacker following the $355,000 hack on March 30.<br \/>\n\u201cWe\u2019ll call it even. No legal games, no drama,\u201d they added.\u00a0<br \/>\nXatarrer said that SIR.trading was built on the back of four years of late-night coding and $70,000 from friends and believers without any additional venture capital funding.<br \/>\n\u201cWe grew to $400k TVL organically without any advertising. If you keep 100% of the funds, there is no chance for us to survive.\u201d<br \/>\nXatarrer even praised the hacker for the sophisticated hack, stating that it was \u201calmost beautiful if it wasn\u2019t for all the funds people lost.\u201d<br \/>\nSource: SIR.tradingThe hacker hasn\u2019t responded and has already transferred the stolen funds through to Ethereum privacy solution Railgun, according to data from Ethereum block explorer Etherscan.<br \/>\nXatarrer initially said on March 30 that the SIR.trading team intended to keep the protocol up and running despite the setback. \u201cWe\u2019ve already started planning our next steps. Those impacted by the hack will not be forgotten,\u201d it said on March 31.<br \/>\nHack resulted from feature added to Ethereum\u2019s Dencun upgrade<br \/>\nThe hacker targeted a callback function used in the protocol\u2019s \u201cvulnerable contract Vault\u201d which leverages Ethereum\u2019s transient storage feature.\u00a0<br \/>\nThe hacker managed to replace the real Uniswap pool address used in this callback function with an address under the hacker\u2019s control, allowing them to redirect the funds in the vault to their address by repeatedly calling the callback function until all of the protocol\u2019s total value locked was drained.<br \/>\nThe transient storage feature was added to Ethereum in the March 2024 Dencun upgrade as a solution to offer users lower gas fees than gas typically required for regular storage.<br \/>\nRelated: DeFi hacks drop 40% in 2024, CeFi breaches surge to $694M \u2014 Hacken<br \/>\nSIR.trading\u2019s documentation shows that it was billed as \u201ca new DeFi protocol for safer leverage\u201d to address some of the challenges that often occur in leveraged trading \u2014 such as volatility decay and liquidation risks.<br \/>\nIt comes as crypto lost to exploits and scams fell to $28.8M in March, blockchain security firm CertiK said in a March 31 X post. Around $4.8 million was subtracted from that figure after hackers involved in the 1inch Resolver incident returned the stolen funds.<br \/>\nCrypto exploits and scams had one of its worst months in February, headlined by the $1.4 billion Bybit hack.<br \/>\nMagazine: Should crypto projects ever negotiate with hackers? Probably<a href=\"https:\/\/cointelegraph.com\/news\/sir-trading-founder-begs-hacker-return-funds-or-wont-survive?utm_source=rss_feed&amp;utm_medium=rss&amp;utm_campaign=rss_partner_inbound\" target=\"_blank\" class=\"feedzy-rss-link-icon\" rel=\"noopener\">Read More<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Source: Cointelegraph.com NewsThe founder of the recently hacked decentralized finance protocol SIR.trading has made an emotional plea to the attacker, asking them to return around 70% of the stolen customer&hellip; <\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts\/126202"}],"collection":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=126202"}],"version-history":[{"count":0,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts\/126202\/revisions"}],"wp:attachment":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=126202"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=126202"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=126202"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}