In brief
- Hackers have begun returning over $25 million in funds taken from Chinese DeFi platform dForce.
- Around $2.6 million has been returned to dForce, after the stolen funds were blacklisted by exchanges.
- The hack took advantage of a known vulnerability in the ERC-777 token standard.
Hackers who siphoned over $25 million from Chinese DeFi platform dForce have started returning the now-blacklisted funds after failing to sell them.
Their change of heart was far from altruistic, however; the hackers found themselves at a loss after several exchanges blacklisted the funds. Unable to unload their stolen capital, the hackers reached out to dForce to strike up a deal.
"The hacker(s) have attempted to contact us and we intend to enter into discussions with them," dForce founder Mindao Yang noted in a blog post published yesterday.

It seems those negotiations went well, as some of the stolen funds appear to have been returned. According to crypto researcher "Frank Topbottom", the hackers repaid 320 Huobi BTC (an ERC-20 version of Bitcoin) and 381,000 Huobi USD.
Congrats @dForcenet https://t.co/ZrHxUcnPZ8 pic.twitter.com/OO0yQH7B54
-- Frank Topbottom (@FrankResearcher) April 19, 2020
While that only amounts to around $2.6 million (around 10% of the funds stolen in the hack), it's still a somewhat promising start.
How was dForce hacked?
On April 14, hackers exploited a known vulnerability within the ERC-777 token standard, using a "reentrancy attack" to drain $25 million from various DeFi protocols within the dForce network.
In this unprecedented crisis, I am grateful for the supports from our users, community, partners, our team, and investors. https://t.co/TWRGIw1vcZ
-- Mindao Yang (@mindaoyang) April 19, 2020
The same exploit was also used to funnel $300,000 from decentralized exchange Uniswap on Saturday.
But here's the kicker. The exploit was almost exactly the same as that used in the infamous DAO hack of 2016. On top of this, an audit of Uniswap, undertaken by ConsenSys well over a year ago, already revealed the vulnerability, dubbing it a "major" issue.
Let's just hope it doesn't take another hack for the loophole to get patched up this time.
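The reentrancy class named above, reduced to a toy Python model (an added example, not dForce, Uniswap or ERC-777 code, and not a reconstruction of the incident): a pool that sends tokens before updating its books lets a recipient hook withdraw twice, while updating the books first makes the nested call fail. `HookToken`, `Pool`, `CallbackAccount` and `run` are hypothetical names, and the balances are constructed.

```python
# Toy model of hook-based reentrancy. All names are hypothetical; not dForce code.
class HookToken:
    def __init__(self):
        self.balances = {}

    def send(self, sender, recipient, amount):
        if self.balances.get(sender, 0) < amount:
            raise ValueError("insufficient token balance")
        self.balances[sender] -= amount
        self.balances[recipient] = self.balances.get(recipient, 0) + amount
        hook = getattr(recipient, "tokens_received", None)
        if hook:
            hook(sender, amount)  # control passes to recipient-supplied code

class Pool:
    def __init__(self, token, safe):
        self.token, self.safe, self.deposits = token, safe, {}

    def deposit(self, user, amount):
        self.token.send(user, self, amount)
        self.deposits[user] = self.deposits.get(user, 0) + amount

    def withdraw(self, user, amount):
        if self.deposits.get(user, 0) < amount:
            raise ValueError("insufficient deposit")
        if self.safe:
            self.deposits[user] -= amount        # effect first
            self.token.send(self, user, amount)  # then the external call
        else:
            self.token.send(self, user, amount)  # external call first
            self.deposits[user] -= amount        # books updated too late

class CallbackAccount:
    # Constructed recipient whose hook calls withdraw again, once.
    def __init__(self, pool):
        self.pool, self.entered = pool, False

    def tokens_received(self, sender, amount):
        if sender is self.pool and not self.entered:
            self.entered = True
            try:
                self.pool.withdraw(self, amount)
            except ValueError:
                pass  # the fixed pool rejects the nested call

def run(safe):
    pool = Pool(HookToken(), safe)
    acct = CallbackAccount(pool)
    pool.token.balances = {"honest": 100, acct: 10}  # constructed balances
    pool.deposit("honest", 100)
    pool.deposit(acct, 10)
    pool.withdraw(acct, 10)
    return pool.token.balances[acct], pool.token.balances[pool]
```

`run(safe)` returns the callback account's token balance and the pool's remaining balance; with the unsafe ordering the pool ends up holding less than the honest user's recorded deposit.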