Financial app developer Telcoin has restored all user balances two weeks after an exploit led to $1.2 million worth of funds being drained from users’ accounts.
In an email to CryptoNews, Telcoin noted that it had restored all user balances, fixed the vulnerability, and completed an external audit of its contracts.
In its statement, Telcoin said that it had restored user balances using funds from its own treasury, while continuing to work with law enforcement and blockchain security experts to track down and recover the stolen funds.
“Making the decision to preemptively restore affected user wallets from our company treasury was a no-brainer, and I’m proud of the team for making that happen in record time,” said Paul Neuner, founder and CEO of Telcoin.
The exploit originally occurred in late December, when a wallet implementation error on Polygon led to user balances dropping on the Telcoin mobile app.
The issue arose due a faulty interaction between Telcoin’s digital wallet and a proxy contract.
The interaction led to the proxy incorrectly performing certain storage functions, which allowed the exploiter to withdraw funds from user accounts, according to Neuner.
Despite the incident, Neuner asserted that using a proxy was still a “security best practice.”
“We still maintain that putting the wallet being a proxy is security best practice, and have now updated, hardened, and externally audited our restored implementation.”
Additionally, no admin keys were leaked during the exploit, with Neuner confirming that the Telcoin ecosystem was not affected by the exploit.
The exploit initially caused mass panic among Telcoin holders, leading to a brief 65% decline in the price of Telcoin ($TEL).
Following the company’s announcement,
Read more on cryptonews.com