thanks to @TheShibMagazine for the ongoing K9 coverage and in particular for the highlight on my role with the K9 Finance DAO this week 🥰
I couldn't be more thankful for the opportunity to support @K9finance and will continue to do my best for the DAO 🫡
@Mazrael_shib @CryptoSupp38181 @K9finance K9 built its own product and got a Google Grant to support the infrastructure...
The K9 team has never been given access (or would want access for that matter) to anything related to core Shibarium infrastructure.
Why keep making things up?
Shibarium Bridge hacker foolishly chose not to accept the K9 bounty - it’s finally time to share the investigation we’ve been working on…🔎 this is juicy 🤤
The hacker made one stupid mistake and it completely unravelled their Tornado Cash laundering. 💰🌪️💵
That one mistake let me link:
🔗 The original hack wallets
🔗 Tornado withdrawal wallets
🔗 And dozens of KuCoin deposit accounts, likely used by money mules
👮🚨🚓
When I first noticed this transfer I couldn't believe what I was seeing. Jackpot! 🎰
I spent days tracing the blockchain:
• 1000’s of transactions; 293 of interest
• 111 wallets
• 260 ETH laundered through Tornado Cash
• 232.49 ETH ending up in KuCoin
• 48 KuCoin deposits; 45 unique deposit addresses
The entire obfuscation strategy fell apart because a hacker-linked wallet accidentally sent 0.0874 ETH to a “secret” withdrawal wallet that was supposed to be clean - completely destroying their privacy.
Using MetaSleuth, I mapped the money flow:
Original hacker wallet → “dumping” wallets → Tornado Cash → a web of post-mixer wallets → KuCoin deposit addresses.
We quietly shared this with the @ShibariumNet team first so they could work with law enforcement before going public, in case any funds were still frozen or recoverable at KuCoin, but now the time has finally come where we can share this work publicly.
@0xdefiturtle also tried working with @kucoincom fraud department but they told us they needed a law-enforcement case number before acting, despite having everything mapped and all the evidence handed to them on a silver platter. So now I’m publishing the on-chain evidence and methodology for the community, and for any victims who want to file their own reports.
In this thread I’ll walk you through the full explanation of this analysis, step by step. Be sure to open up the @MetaSleuth dashboard (linked below) to see the graph of all the key addresses and transactions that I uncovered.
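The linking step described in the thread above, as an added Python example that is not part of the original post and not MetaSleuth's code: it treats the mixer as a barrier when tracing forward from the hack wallets, so funds only become traceable again when a direct transfer bypasses it. All addresses and amounts other than 0.0874 ETH are constructed placeholders, and the "sibling" grouping rule is an assumption.

```python
from collections import defaultdict, deque

MIXER = "mixer"  # placeholder label for the mixer contract

# Constructed sample transfers (src, dst, ETH); every address is a made-up label.
TRANSFERS = [
    ("hack1", "dump1", 130.0), ("hack1", "dump2", 130.0),
    ("dump1", MIXER, 100.0), ("dump2", MIXER, 100.0),
    ("dump1", "wd1", 0.0874),  # the slip: pre-mixer wallet pays a withdrawal wallet
    (MIXER, "wd1", 100.0), (MIXER, "wd2", 100.0), (MIXER, "other_user", 100.0),
    ("wd1", "hop1", 99.0), ("wd2", "hop1", 99.0),
    ("hop1", "cex_dep1", 120.0), ("hop1", "cex_dep2", 78.0),
    ("other_user", "cex_dep3", 100.0),
]
DEPOSITS = {"cex_dep1", "cex_dep2", "cex_dep3"}  # labelled exchange deposit addresses

def reach(start, out, blocked):
    """Forward BFS over direct transfers, never stepping into `blocked` nodes."""
    seen, queue = set(start), deque(start)
    while queue:
        for nxt in out[queue.popleft()]:
            if nxt not in seen and nxt not in blocked:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def trace(transfers, seeds, deposits):
    out = defaultdict(set)
    for src, dst, _ in transfers:
        out[src].add(dst)
    withdrawals = set(out[MIXER])
    # The mixer is a barrier: taint only crosses it if a direct edge bypasses it.
    tainted = reach(seeds, out, {MIXER})
    linked = tainted & withdrawals
    # Assumed grouping rule: a withdrawal wallet paying into an already tainted
    # non-exchange wallet belongs to the same post-mixer web.
    hops = tainted - deposits
    siblings = {w for w in withdrawals if out[w] & hops} - linked
    hit = tainted & deposits
    eth = sum(a for s, d, a in transfers if d in hit and s in tainted)
    return {"linked": linked, "siblings": siblings, "deposits": hit, "eth": eth}

if __name__ == "__main__":
    print(trace(TRANSFERS, {"hack1"}, DEPOSITS))
```

Removing the single 0.0874 ETH transfer from the sample leaves every result set empty, which is the dependence on one stray transaction that the thread describes.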
🚨Breaking News🚨
25 ETH bounty for Shibarium Bridge Hacker - final offer.
I don't think they deserve it. Let's see if they foolishly miss their last chance to profit from K9.... ⏳💸
#ShibArmy please spread the news!
K9 Finance continues to await verified updates on Shibarium bridge operations. As the bounty window approaches its end, we expect to hear progress from the SHIB team so the DAO can plan its next moves with clarity. Our priority remains protecting the community and $KNINE on ETH.
Update:
The decay period for the bounty offered by @K9finance to the Shibarium Bridge Exploiter has now kicked in. The 5 ETH offer is lowering every second for the next 3 weeks.
The Exploiter has been sent the following message:
“⏱️ Tick tock...
⏳ The bounty decay has started.
💸 Your bounty is now decreasing every second to return the blacklisted KNINE. Accept now if you want to secure any value for the KNINE”
TXID: https://t.co/5O6UBr6iYX
A metadata refresh on the NFT they were sent representing the current size of the bounty has also been triggered & can be viewed below. What was once a 5 ETH bounty is now ~ 4.8 ETH and going lower the longer they choose not to accept the offer from K9 DAO
https://t.co/xW9i79FDio
https://t.co/cKYe9PfGno
Happy anniversary to Bone Crusher, K9 Finance DAO's liquid staking platform on Shibarium!
It's been an awesome year for me using the product and I was able to acquire hundreds of millions of $KNINE by vesting $esKNINE as well as earning hundreds of $BONE by locking and staking $KNINE!
We've had bonus tokens from partners, and have added 2 new farming pools!
300+ liquid stakers, bridging 2M+ $BONE, minting $knBONE on Shibarium, 600+ lockers and stakers with 200B+ $KNINE locked and staked.
This platform helped make the K9 Finance DAO validator the #1 validator, have the most TVL, and deepest liquidity in pools on the network. Truly leading the way for Shibarium. I am honored to be a part of this DAO. Thank you for letting me be a part of it.
Here's to the K9 Finance DAO, the development team, and the sub-DAO for all their efforts to make this platform what it is today. I appreciate all of you!
The Shib team has joined @K9finance to offer a bounty to the Shib Bridge Exploiter
Shib Deployer 2 has sent a message offering a 50 ETH bounty in exchange for the tokens stolen.
https://t.co/7T7AtywqWm
Update:
The Shibarium Bridge exploiter responded with the following message:
"Hi K9 Finance DAO! I can't accept 5 ETH. The bounty I can accept is 50ETH and I will not return KNINE for less. Please let me know when you are willing to meet that price"
@K9finance DAO responded with a message co-approved by @kaaldhairya:
"5 ETH is the final offer from K9 DAO & it starts decaying in 5 days. This is already more than standard 10% bounty based on the 41 WETH in LP you could have gotten from selling.
The KNINE is locked, so you don't have negotiating power.
The SHIB team will send an additional offer for 50 ETH for the remainder of the funds separately from shiba-swap.eth (Shib Deployer 2)
Keep watching messages and maybe you'll walk away with your 50+ ETH and a waiver of legal actions. But your offer from K9 DAO is 5 ETH.
The bounty starts to decay in 5 days. Act quickly or you'll miss your chance. Save face - either accept the 5 ETH for the KNINE or it is worth $0 to you."
Dear Shibarium Bridge Exploiter:
Limited-time offer for 5 ETH in exchange for returning frozen KNINE to @k9finance DAO
The bounty contract is only available for 30 days. 5 ETH reward will start to decay in 1 week. Act ASAP for the full 5 ETH reward
The K9 DAO has authorized a 5 ETH bounty for you to return the funds. We have deployed a trust-less contract for you to accept the bounty. Should you accept, K9 DAO will not initiate any further civil claims
the ETH used to buy the 4.6M BONE came directly from the bridge/stolen funds, not the attacker's own wallets or any other form of outside capital
that BONE was then delegated to have 2/3 majority, which enabled the attacker to withdraw from ERC20Predicate (where all of the Shibarium projects' ERC20 tokens are locked)
this also means the BONE purchase was really just a redistribution of existing escrowed ETH from the bridge, netting no new actual funds into Shibarium... just went from one place to another (ETH living on the bridge ended up as delegated BONE)
@Digarch @Mazrael_shib @K9finance @UnificationUND yeah, but even with the existing BONE on those 10, they didn't have a 2/3 majority
which explains the huge BONE buy + delegation in the attacker transaction
the 10 validators that signed were controlled by the attacker, most likely because they were all being run by 1 entity
the reason the @K9finance and @UnificationUND validators didn't sign is because they are operating on their own infra that wasn't compromised
the reason there was a huge BONE buy is because the attacker needed to have 2/3 majority to push a bad chain state (because K9 and Uni still had too much BONE vs. the other 10 even with the keys compromised)
the bridge being hacked creates major issues for all Shibarium projects, K9 included
i think the question is, who controlled the 10 signing keys to the compromised validators? 1 person? 1 machine?
🚨 Shibarium Bridge Security Update 🚨
Earlier today, a sophisticated (probably planned for months) attack was carried out using a flash loan to purchase 4.6M BONE. The attacker gained access to validator signing keys, achieved majority validator power, and signed a malicious state to drain assets from the bridge.
Because the BONE was delegated to Validator 1, it remains locked (due to unstaking delays), giving us the chance to freeze those funds.
⸻
🔒 Immediate Actions Taken
• Paused stake/unstake functionality as a precaution.
• Moved stake manager funds out of the proxy into a hardware wallet controlled by our trusted 6/9 multisig.
• This move is temporary until we fully confirm the extent of any validator key compromise.
⸻
✅ Next Steps
Once secure key transfers are completed and validator control integrity is verified, the stake manager funds will be restored in full.
Our top priority is protecting the network and community assets. We will continue to provide transparent updates as the investigation progresses.
⸻
⚠️ Important Notes
• We are currently in damage control mode and do not yet know if the breach originated from a server or a developer machine.
• We are actively working with Hexens, Seal 911, and PeckShield to investigate the incident.
• Authorities have been contacted. However, we are open to negotiating in good faith with the attacker: if the funds are returned, we will not press any charges and are willing to consider a small bounty.
Incident Update: We’ve temporarily disabled the knBONE bridge while we support the Shibarium devs, who have paused BONE staking/unstaking to freeze the attacker’s ~3.7M BONE.
Existing balances are unaffected.
Bridging knBONE ↔️ BONE is paused until containment is confirmed.
We’ll share more as soon as it’s safe to do so / becomes available.