The private key of multiple addresses were compromised, and hackers drained the assets on multiple chains.

Take ETH as an example.

The Deployer address of DEGO Finance is:

0x20FE4B1eD95911487499e53355BB8f14a881D735

The hacker’s address:

0x118203B0f2A3ef9e749D871C8fEF5e5e55ef5C91

The hacker minted 592,582.35 DEGO tokens to the Deployer account of DEGO and 0x118 account respectively via private key:

Then removed the liquidity of the ETH-DEGO trading pool:

The hacker obtained 269,502 DEGO tokens and 378 ETH by removing liquidity from the Deployer account.

Then the 378 ETH obtained by the Deployer account was transferred to the 0x118 address.

At the same time, the hacker transferred 441 yvWETH originally belonged to the project’s address to the 0x118 address.

At this time, there were 757.4 (371.6+378.75+7.10) ETHs in the 0x118 account.

As of this writing, all the stolen assets still remained on the 0x118 address and have not been transferred out.

BSC

Cronos

Beosin will continue to monitor this address.

Contact US

Website: https://beosin.com/

Email：contact@beosin.com

Twitter: https://twitter.com/Beosin_com

Telegram: https://t.me/beosin

Medium：https://medium.com/@Beosin

Github: https://github.com/Beosin20180329

Discord: https://discord.com/invite/B4QJxhStV4