Haseeb Qureshi, managing partner of Dragonfly Capital, describes how the Lendf.me attack happened, why imBTC was involved in that hack and a $300,000 hack involving Uniswap the day before, and how the ERC-777 token standard was involved. He also recounts what happened after the attack, including messages sent to and from the hacker, how the Chinese and Western DeFi communities had different responses, and how the hacker ended up returning the funds. Plus, he goes into the details of what he knows about why the attacker did so. 


Thank you to our sponsor! 

Crypto.com: https://crypto.com

Episode links: 

Haseeb Qureshi: https://twitter.com/hosseeb

Dragonfly Capital: https://www.dcp.capital

The Block on the exploit: https://www.theblockcrypto.com/linked/62346/multicoin-capital-backed-defi-protocol-dforce-loses-25m-total-locked-value-in-an-exploit 

News about dForce bringing imBTC to Lendf.me: https://medium.com/imtoken/dforce-brings-imbtc-to-defi-lending-c739b5cc0643

More about imBTC: https://token.im/blog/en-us/articles/360037559114 

Compound CEO Robert Leshner’s comment referring to how dForce stole Compound’s code: https://twitter.com/rleshner/status/1251717261888385025?s=20

More on imBTC attack on Uniswap: https://defirate.com/imbtc-uniswap-hack/

Medium post on whether or not the ERC-777 standard is to blame: https://medium.com/@provablethings/is-a-new-token-standard-really-to-blame-for-the-imbtc-uniswap-and-dforce-attacks-31c62e2bc799 

The Block on the new token standard: https://www.theblockcrypto.com/daily/62568/ethereum-token-standard-open-finance-exploits

Larry Cermak tweet about centralized tokens: https://twitter.com/lawmaster/status/1251953291891802112

Su Zhu on the hacker perhaps being exposed via VPN: https://twitter.com/zhusu/status/1252479842261450753?s=20 

Links from news recap: