Mixin Network extends $20M bug bounty amid breach

Mixin Network, a renowned cross-chain service, has extended a $20 million bug bounty reward to the alleged attacker who reportedly pilfered $200 million from its users over the weekend. This development has sent ripples through the blockchain community, highlighting the vulnerabilities inherent in the burgeoning technology.

Users of the platform owned the majority of the assets in question. To address this, Mixin has offered a reimbursement, allowing the attacker to retain $20 million of the assets as a bug bounty reward. This was communicated through an on-chain message unearthed by blockchain security firm PeckShield. The company has urged the attacker to get in touch via their official contact for reward details.

However, Mixin Network has conveyed that the losses were not as catastrophic as initially presumed. In a recent update on X, the platform shared that a comprehensive inventory of assets has been concluded, and the findings are somewhat relieving. The company has advised users and stakeholders to refrain from using Mixin Network for transactions until further clarifications are made.

The network had to momentarily suspend deposit and withdrawal services to rectify the purported $200 million vulnerability. This decision was made following an attack on the cloud service provider database of Mixin Network, as reported by SlowMist. The breach led to significant asset losses on its mainnet, prompting the company to seek assistance from Google and SlowMist for the ongoing investigation.

Moreover, the services are slated to resume once the identified vulnerabilities are rectified and a consensus is reached among all nodes. Meanwhile, transfers are expected to proceed as usual. Additionally, it is pertinent to note that OpenSea and Nansen, two other entities in the crypto realm, experienced security breaches due to vulnerabilities at one of their suppliers, a week before the Mixin incident.

Mixin founder, Feng Xiaodong, assured users in a subsequent webcast that at least half of the assets are secure. He emphasized the company’s commitment to safeguarding users’ wealth in Bitcoin or ether. The retrieval of the stolen funds remains a formidable challenge for the company.

To address the losses, Mixin is contemplating the introduction of bond tokens, allowing customers to claim in exchange for the remaining assets, with prospects of a future repurchase. The company is navigating through these tumultuous times, focusing on user asset security and organizational resilience.