A security team led by ethical hackers who specialize in security audits has claimed that it has been offered a $500 bounty by the DxSale network, a decentralized token launch platform, after informing the platform of a breach that could cost it more than $5 million.
The reward is one of the lowest rewards ever offered to a white hat hacker.
$500 bonus for saving $5 million
Celebrating, lately blog postrevealed that on June 28, 2023 one of its researchers discovered a bug in an unverified smart contract on DxSale’s Binance Smart Chain (BSC) and received a $500 reward for their efforts.
According to the company, investigations revealed contract logic that was not secure enough to prevent hackers from draining funds locked into the contract during an Initial Decentralized Offering (IDO).
Based on the calculations, 21,600 WBNB (wrapped BNB) tokens could have been stolen in pools worth around $5.2 million at the time of the report if hackers had noticed the vulnerability. Meanwhile, the security company stated:
“Note that this number reflects the losses that can occur with an exploit targeting a single instance of the lockout contract. However, Dx has more insurance contracts on BSC and other chains.”
Alleged poor response from DxSale
Decurity claimed to have contacted DxSale after confirming the bug, but said it encountered friction from the project team, which was initially unresponsive, and later claimed to be aware of the problem. According to the blog post, the team stated that the contract in question was inactive, meaning it was not a threat.
Despite the initial response from DxSale, Decurity stated that it was able to contact DxSale’s founders and developers to discuss the situation.
As a way to fix the bug, the project developers decided to set a high insurance fee on June 29 as a solution to the problem to discourage attackers from performing any action. According to Decurity, the solution can deter hackers, but DxSale owners could drain money in the event of a potential rug withdrawal.
Although Team Dx has tried to debunk claims about hackers’ ability to drain money, citing protection from several auditing partners, including CertiK Skynet, the project has been moved to set high fees across other chains.
Meanwhile, Decurity has expressed some concerns about DxSale’s response to potential security threats, advising users to exercise caution when interacting with projects on the protocol.
While DxSale did not respond to Decurity’s claims, the decentralized launchpad announced a partnership With Vital Block Security on July 18.
Binance Free $100 (Exclusive): Use this link to sign up and get $100 free and 10% off Binance Futures first month (conditions).
PrimeXBT Special Offer: Use this link to register and enter code CRYPTOPOTATO50 to receive up to $7,000 on your deposits.