In a remarkable twist of fate for investors left stranded by a failed 2016 initial coin offering (ICO), a pseudonymous white-hat hacker has successfully recovered $2 million from a flawed smart contract associated with Hong Coin. The hacker, known as "0xflorent," leveraged an exploit within the smart contract's admin function to facilitate refunds for nearly a decade.
0xflorent took to social media platform X to announce the recovery of approximately 1,003 Ether (ETH), benefiting 48 investors who found themselves entangled in the unresolved aftermath of Hong Coin's ICO—a decentralized venture capital initiative that never launched due to underwhelming fundraising efforts. The hacker explained that the contract originally intended to automatically refund investors, but a bug in the refund protocol caused the funds to become indefinitely locked.
“The contract held all the investors' ETH and was supposed to auto-refund them,” 0xflorent clarified. “However, a bug in the refund function broke that, and the funds got stuck.” Data from Ethereum block explorer Etherscan revealed that one fortunate investor has already received a refund of 96 ETH, equal to approximately $192,500, while another investor was returned 0.5 ETH.
Hong Coin's story began in 2016, when its creators pitched the token as a community-directed venture capital fund managed by a decentralized autonomous organization, intended to enable members to decide which projects merited financial backing. The ICO launched on August 29, 2016, concluding two months later on October 28, but ultimately failed to meet its funding targets, leaving investors without recourse.
0xflorent detailed the innovative approach taken to retrieve the locked funds, showing the Hong Coin creators how to exploit a vulnerable admin function characterized by an integer overflow issue. “Calling it with a specific input resets a holder's balance and unblocks the refund check,” they disclosed, revealing the technical know-how underpinning the recovery.
On a related note, 0xflorent recently reported success in accessing a total of 19.33 ETH worth about $40,600 from another failed ICO project, demonstrating a growing pattern of leveraging security vulnerabilities for the benefit of investors.
The unfolding saga surrounding the Hong Coin recovery highlights the vital role of ethical hackers in the cryptocurrency space, particularly as digital assets continue to evolve and attract both innovation and potential exploitation. In a landscape riddled with uncertainty and risk, the intervention by 0xflorent not only restores investor confidence but also emphasizes the importance of rigorous security measures in the development of blockchain technologies.
For more details, follow the original report here.