VeChain Foundation Announcement
December 13, 8:27pm (UTC+8), the VeChain Foundation buyback address was compromised. Approximately 1.1 billion VET tokens in this address were transferred into 0xD802A148f38aBa4759879c33E8d04deb00cFB92b, the hacker’s address. All the addresses associated with the said hacker’s address have been tagged on VeChainStats, the list is automatically updated as soon as the hacker sends any funds from the original hacker’s address.
VeChain Foundation has been tracing the transfer of these VET Tokens in real-time and has taken several steps as outlined below to contain the situation.
- We have notified all exchanges to monitor, blacklist and freeze any funds coming from the hacker address and any withdraws from the corresponding exchanging wallets. We have paid special attention to the few exchanges which the hacker had sent funds to.
- We have launched an investigation into every fact around the address to determine the motive, method, and data flow behind this malicious act. We have narrowed down the possibilities enough to lead to a highly probable theory. Security breach was most likely due to misconduct of one of the team members within our finance team, who have created the buyback account without thoroughly obeying The Standard Procedure approved by the Foundation, and our auditing team did not pick up this misconduct, due to human error. We would like to emphasize that the incident is in no way related to the effectiveness of the actual Standard Procedure or VeChain’s hardware wallet solutions.
- We have enlisted the assistance of Hacken along with its whitehat community, and vechainstats.com teams to help with monitoring and containment of the situation. Their expertise in blockchain data management and cybersecurity will be of help to our efforts.
- We have also started a security check immediately on the other crypto assets under the custodian of the Foundation, to make sure no further breach will occur.
- We have reported this incident to law enforcement in Singapore.
We will continuously monitor the situation and work diligently with cybersecurity and law enforcement professionals to add more clarity to the situation and mitigate as much as possible.
This is an initial update to inform VET token holders of our current situation. A more detailed account of the event will follow once we gain more clarity.