TLDR - One of the 2key company operational laptops used for various accounting actions and contained access to a few hot wallets was compromised, and those wallets were drained by a hacker on September 25. The hacker stole 79 ETH and 803K 2KEY tokens (worth about $30K). The thief already dumped the stolen tokens in batches, devaluing 2KEY tokens, and swapped the last ones on October 12.
We are hereby announcing the first burning of our tokens for an amount equivalent to the stolen amount and a buyback for the same amount.
Neither the 2key.io application nor the 2key.network infrastructure were compromised, and all users tokens and personal data remained safe. Yet, we are increasing security measures in the app and company wallets and will continue to add security measures to make sure 2key becomes ever more secure.
The crypto space is at the forefront of technology advances to bring forth the decentralization of finance, but that means it is also at the frontline against cyber attackers. For the first time since its creation, 2key has been successfully targeted.
From the investigation led in tandem with cybersecurity experts, the breach unfolded as follows.
On Friday, September 25, just as Kucoin's exchange suffered a major hack, we discovered that one of the 2key's operational laptops had been hacked (The only identifiable connection between the two hacks is the date, so we can only speculate whether they are linked).
The stealth attack on the targeted computer consisted, as it seems, of implanting an executable malware that cloned the screen and/or other local resources in the laptop, enabling the hacker to see and record any interaction, and eventually exposing several passwords and mnemonics (secret words) as they were encrypted.
On September 25, at 14 UTC, the thief emptied all the wallets he had gained access to.
This type of malware relies on a combination of techniques to insert themselves in target computers and leverage various malware and on-demand AI abilities now readily available for sale, or even Saas, on the DarkNet. Unfortunately, this means this type of attack is multiplying exponentially, so it is incumbent to each of us to be vigilant and take preventative measures.
Accordingly, all the company tokens were already, before the hack, safely stored within the smart contract infrastructure of 2key.network and the app itself already had extensive protective measures in place.
Security checks performed on the company's and app assets by cyber experts uncovered no breach, nor any risk to users' funds or personal data.
After the breach, we consulted with our advisors to debate the necessary measures to redress the situation. Given that the amount stolen is just 0.13% of the total 2KEY supply and only ~3% of the circulating supply, drastic measures such as token hard fork (implemented for some of the tokens stolen from Kucoin) were not justified.
Due to the limited scope of the breach - the hacker only managed to access only a minute fraction of the project’s assets. Our strategy has been to monitor the hacker’s address and take corrective measures, in collaboration with other leading players in the crypto space, before disclosing the breach. Especially as the hacker's stolen tokens swapping activity was concentrated during a few days and was mainly directed at Uniswap (decentralization for better or worse…!). On October 12, he sold the last remaining stolen tokens.
As a corrective measure for 2KEY holders impacted by the 2KEY devaluation resulting from the theft and subsequent dumping, we are about to perform the first 2KEY token burning. This burning will be equivalent to the stolen amount and taken from the token reserve not sold during the private sale. We are also announcing a 2KEY token buyback for a token amount equivalent to the amount stolen.
This unwelcome event is a valuable lesson in cybersecurity, and we want to share it with everyone and give you some tips so that none of you fall victim to a similar attack. Decentralization is an admirable and exciting development but is exposed to risks that are yet to be mitigated.
As 2key aims to lead the path of crypto to mass adoption, we understand better than ever the pros and cons of this technology and the importance of building security, insurance, and recovery tools for the next wave of newcomers.
We believe that a project that has a traded token should keep maximum transparency and bake in robust security infrastructure. The limited scope of this breach shows that we are on the right path.
Stay safe. Stay secured. Go2key!