The $5 million Ankr protocol hack on Dec. 1 was attributed to a former team member. According to an announcement on December 20 from the Ankr team.
The former employee carried out a “supply chain attack” bywear malicious code into future internal software update packages of the team. And when the software was updated, the malicious code created a security vulnerability that allowed attackers to steal team deployer keys from company servers.
The team previously announced that the vulnerability was caused by a stolen deployer key used to upgrade the protocol’s smart contracts, but at the time, they did not explain how the deployer key was stolen.
Ankr has contacted the police and is trying to bring the attacker to justice. It also attempts to strengthen security to protect future access to keys.
Ankr also pledged to improve its staffing practices. This will require a background check. even for people who work remotely And it will review access permissions to ensure only the employees who need it have access to critical information. The company will also be rolling out a new notification system to alert teams more quickly when things go wrong. normally happens
The post Ankr reveals “ex-workers” behind $5 million protocol hack on Dec. 1 appeared first on Bitcoin Addict.