EasyFi Hack 2021 — $80M Exploit Analysis

EasyFi founder's MetaMask seed phrase was compromised via a targeted attack on his computer, leading to $80M in stolen assets.

Details

Full Description

An attacker gained direct access to EasyFi founder Ankitt Gaur's computer and extracted the MetaMask seed phrase storing admin and treasury keys. Using these keys, the attacker transferred $6M in stablecoins and 2.98M EASY tokens (valued at ~$75M at the time) to their address. The use of a hot MetaMask wallet for admin functions was a critical security failure.

Laundering Analysis

Stablecoin portion ($6M) moved through multiple wallets and converted via DEXes. The 2.98M EASY tokens crashed the market price upon being sold, with the actual realized value far below $75M. EasyFi offered a $1M bounty and proposed a compensation fund. No attacker identified. Protocol launched a v2 with enhanced security.

Sources

Related Hacks

Back to Browse