VeChain buyback address compromised for 1.1 billion VET

December 13, 8:27pm (UTC+8), the VeChain Foundation buyback address was compromised. Approximately 1.1 billion VET tokens in this address were transferred into 0xD802A148f38aBa4759879c33E8d04deb00cFB92b, the hacker’s address. All the addresses associated with the said hacker’s address have been tagged on VeChainStats, the list is automatically updated as soon as the hacker sends any funds from the original hacker’s address.

VeChain Foundation has been tracing the transfer of these VET Tokens in real-time and has taken several steps as outlined below to contain the situation.

1. We have notified all exchanges to monitor, blacklist and freeze any funds coming from the hacker address and any withdraws from the corresponding exchanging wallets. We have paid special attention to the few exchanges which the hacker had sent funds to.
2. We have launched an investigation into every fact around the address to determine the motive, method, and data flow behind this malicious act. We have narrowed down the possibilities enough to lead to a highly probable theory. Security breach was most likely due to misconduct of one of the team members within our finance team, who have created the buyback account without thoroughly obeying The Standard Procedure approved by the Foundation, and our auditing team did not pick up this misconduct, due to human error. We would like to emphasize that the incident is in no way related to the effectiveness of the actual Standard Procedure or VeChain’s hardware wallet solutions.
3. We have enlisted the assistance of Hacken along with its whitehat community, and vechainstats.com teams to help with monitoring and containment of the situation. Their expertise in blockchain data management and cybersecurity will be of help to our efforts.
4. We have also started a security check immediately on the other crypto assets under the custodian of the Foundation, to make sure no further breach will occur.
5. We have reported this incident to law enforcement in Singapore.

We will continuously monitor the situation and work diligently with cybersecurity and law enforcement professionals to add more clarity to the situation and mitigate as much as possible.

This is an initial update to inform VET token holders of our current situation. A more detailed account of the event will follow once we gain more clarity.

VeChain Foundation

2019.12.14 00:44 (UTC+8)

2019年12月13日，北京时间晚上8时27分，唯链基金会回购地址遭遇黑客事件。回购地址中约11亿VET被全部转移至如下黑客地址：0xD802A148f38aBa4759879c33E8d04deb00cFB92b。目前，与此黑客地址相关的所有地址已在vechainstats.com进行公示，所有接收到黑客资金的地址将会在此实时更新。

唯链基金会在事件发生后的2小时内启动以下紧急预案：

1. 我们在第一时间对此黑客地址相关的所有资金去向进行全面追查，截断资金转账；并与各交易所取得联系，冻结来自此黑客地址的任何资金以及从相关交易所钱包提现的资金。
2. Hacken团队正在积极协助唯链基金会对此次黑客事件所涉及的所有相关地址展开调查和监控；其在区块链数据管理和网络安全方面的专业经验，帮助基金会更快速高效地展开调查工作。
3. 经全面调查，由于唯链基金会内部财务人员在创建该回购地址时未严格遵守基金会制定的标准财务安全流程，且该员工电脑不幸遭受黑客攻击，最终导致本次事件发生，我们为此深表歉意。未来，唯链基金会将会进一步加强内部人员在实施各项标准流程时的管理和审计。
4. 我们已对唯链基金会所有的其他资产进行全面安全检查。唯链基金会所持有的其他地址均处于安全状态。
5. 我们已将本次事件通报新加坡警方，并紧密配合警方对此次黑客事件进行进一步追查。

唯链基金会将对事件发展保持紧密关注，并协同技术与法律领域专业人士寻求最为安全合理的解决方案。

本声明旨在向VET持有者及时说明事件情况，在掌握更多翔实信息后将会继续公开调查情况。

唯链基金会

2019年12月14日 00:44 （北京时间）