A pseudonymous white hat hacker known as "0xflorent" has recovered $2 million worth of Ether (ETH) that had been locked in a faulty initial coin offering (ICO) smart contract for nearly a decade. According to Cointelegraph, the hacker retrieved approximately 1,003 ETH belonging to 48 investors who participated in the Hong Coin (HONG) ICO. The decentralized venture capital fund never launched because it failed to meet its funding goal.
The smart contract was designed to automatically refund investors, but a bug in the refund function prevented this, causing the funds to remain stuck. Data from Ethereum block explorer Etherscan indicates that one HONG investor has already received a refund of 96 ETH, while another received 0.5 ETH. Hong Coin was initially introduced in 2016, with a YouTube video promoting it as a community-driven venture capital fund. The ICO commenced on August 29, 2016, and concluded on October 28 of the same year. Investors were supposed to receive 250 million HONG tokens distributed over five stages, but the funding goal was not achieved, necessitating refunds.
0xflorent collaborated with the HONG creators to demonstrate how to unlock the trapped funds by exploiting a flawed admin function. The function contained an integer overflow vulnerability that made it possible to reset a token holder's balance, which in turn unblocked the refund mechanism. "The way out was an admin function with an integer overflow vulnerability," 0xflorent explained. "Calling it with a specific input resets a holder's balance and unblocks the refund check."
On May 24, 0xflorent also recovered a combined 19.33 ETH, valued at approximately $40,600, from a failed January 2018 ICO project and for a Liquality Wallet user whose funds were trapped in a cross-chain transfer protocol. This recovery highlights the ongoing efforts of white hat hackers to rectify issues within the cryptocurrency space and ensure that investors can reclaim their funds from problematic projects.