DeBox Social has announced a significant security attack involving its operational account, causing the loss of 31.0282 ETH (approx worth $114,000) and 4,879,079 BOX tokens(worth nearly 170,490). The incident occurred due to a private key leak from the platform’s externally-owned account (EOA) wallet. Importantly, DeBox has clarified that user accounts and funds remain secure and unaffected.
Dear DeBox Community,
Incident Report on DeBox Social Operational Account Theft
I. Asset Loss Overview:
•ETH: 31.0282
•BOX: 4,879,079.3995The above losses were caused by a private key leak of the personal EOA wallet used for the DeBox Social operational account. This… pic.twitter.com/IV1pBtp3Fj
— DeBox (@DeBox_Social) December 2, 2024
To tackle the attack, DeBox has outlined a detailed recovery plan. The platform said, “The Stabilization Fund will be used to purchase back all stolen tokens from the exchange, with completion expected within one week.” The platform will use its Stabilization Fund to repurchase the stolen tokens from exchanges, with the process expected to be completed within a week. These repurchased tokens will be allocated to the BOX DAO, where the community will vote on their future use.
To enhance security, DeBox will transition its operational account to a multi-signature wallet once multi-signature logins are supported on the platform. Additionally, a professional security firm has been engaged to investigate the breach and trace the stolen assets. Regular updates will be provided, and any recovered funds will be managed through BOX DAO voting, noted DeBox.
DeBox emphasized its commitment to transparency and community involvement, expressing gratitude for user support and confidence in overcoming this challenge. The platform added, “DeBox has always placed the community at its core, striving to build an open, transparent, and sustainable ecosystem.”
Read the full article here