Blockchain security firm CertiK said it successfully froze $160,000 from the $1.8 million stolen by Merlin DEX rogue developers.
In a May 4 Twitter thread, CertiK re-emphasized that Merlin was rugpulled by insiders. According to the firm, efforts to collaborate with the project’s other team members proved futile because they were unwilling to verify their true identities.
CertiK said this lack of cooperation affected its efforts to aid victims of the exploit. However, it noted that it was working with law enforcement to bring the hackers to book.
The smart contract auditor added that it had committed $2 million to fighting exit scams.
On April 25, the zkSync-based decentralized exchange was exploited a few days after its launch. At the time, CertiK pointed out that the project had “centralization risks” in its audit of the firm.
In its recent statement, CertiK acknowledged that it did not do enough to highlight this risk appropriately. It wrote:
“Although the centralization risks were called out in the report, we didn’t make the impact of these findings as clear as they needed to be. The centralized privileges should have been distinctly highlighted so users were aware of the risks.”
To prevent a recurrence, it said it would “prioritize centralization risks in audit summaries to ensure users have a complete picture of potential risks.”
The post CertiK freezes $160k from stolen Merlin DEX funds appeared first on CryptoSlate.