Update on Security Breach Dated February 8, 2023

Neo
2 min read · May 1, 2024

On February 8, 2023, there was a security breach in the Neo migration address, leading to unauthorized transfers of tokens to three separate addresses:

  • NWa7NWZueuAwbN4y6GWGWy56V76LyyrB33
  • NiFtgekYY6KY1XxwahVAyMtgX1WoJkrQXd
  • NM1hSXxP8GSQcvxUNFAJgkuA4Btyz2ZMG1

Please refer to the previous announcement for more details.

The Neo Council responded promptly by blocking these addresses using the “BlockAccount” method in the native Policy contract to prevent further transactions. Before the block, the attacker converted various tokens including fUSDT, FLM, fwBTC, fwETH, and pONT to a total of 223,461 NEO using the Flamingo platform.

The hacker approached the Neo team on February 13, 2023, demanding a ransom. To prove their involvement in the breach, they provided the private key for one of the compromised addresses (NiFtgekYY6KY1XxwahVAyMtgX1WoJkrQXd). However, the hacker refused to provide further necessary information, leading to a breakdown in negotiations. The three addresses have remained blocked ever since.

Private key of NiFtgekYY6KY1XxwahVAyMtgX1WoJkrQXd: L2tK5fMFTUGRXfWCofKecyz4EgpQbCPrYBFVzzWVmfwVg7m4s3NN

A community member reported a delay exceeding 72 hours in the migration of fwBTC and subsequently contacted the Neo Global Development (NGD) team for assistance on March 1, 2024. Upon investigation, NGD discovered that the fwBTC supplies were depleted due to the earlier unauthorized conversions performed by the attacker.

After a technical assessment of asset safety and consultation with Neo Council members, it was agreed to unblock the wallet address (NiFtgekYY6KY1XxwahVAyMtgX1WoJkrQXd).

Following extensive technical preparations, the Neo Foundation executed a series of transactions on April 15, 2024, using the private key provided by the attacker. These transactions aimed to reverse the unauthorized conversions, restoring the affected tokens (fUSDT, FLM, fwBTC, fwETH, and pONT) to facilitate the completion of all pending migrations.

About Neo

Founded in 2014, Neo is an open-source, community-driven blockchain platform designed to welcome developers into the Smart Economy. By enabling developers to digitize and automate the management of assets through smart contracts, Neo is built to realize the optimized digital world of the future. As the most developer-friendly blockchain, Neo meets developers where they are by integrating seamlessly with the world’s most widely used languages and tools and providing the most feature-complete blockchain platform for building full-stack decentralized applications. With native support for powerful infrastructure including decentralized storage, oracles, and domain name service, Neo is the ideal foundation for developers to build the next generation Internet.
