Unizen, a decentralized finance (DeFi) protocol, has made an announcement stating that it will reimburse users who lost up to 750,000 or less as quickly as possible following a security breach that resulted in the loss of approximately $2.1 million in user funds.
On March 9, blockchain analytics firm PeckShield detected an “approve issue” with the DeFi platform, revealing that over $2 million had already been stolen. The security firm advised users to revoke approvals from the trade aggregator to prevent further losses. Security company SlowMist estimated that the hacker’s exploit resulted in losses of around $2.1 million and noted that the attacker exchanged Tether (USDT) for the stablecoin Dai (DAI).
The day after the breach, the DeFi protocol sent a message to the hacker on the blockchain, offering a 20% reward in exchange for returning the remaining stolen funds. The protocol also stated that it is cooperating with law enforcement and forensic experts to identify the hacker.
While negotiations for the reward are still ongoing, the DeFi protocol acted swiftly to reimburse the victims of the hack. On March 11, the company announced that it would fully compensate 99% of the affected users as soon as possible.
“We will start providing reimbursement to the remaining users affected immediately. Although our intention is to begin distributions today, we are proceeding with each distribution meticulously, cautiously, and methodically,” the company stated.
According to the announcement, Unizen’s founder and CEO, Sean Noga, personally loaned funds to the company to facilitate the reimbursement of the hack victims. Users who lost less than $750,000 will have their funds returned, with the refunds commencing on March 11.
The company will repay the funds in either USDT or USD Coin (USDC). However, for those who lost more than $750,000, the DeFi protocol has stated that it will handle their cases on an individual basis. Alongside the announcement, the company also provided a video guide to help users review and revoke approvals within the platform to prevent further losses.
Unizen’s chief technology officer, Martin Granström, also commented on the situation, stating that they have already gathered sufficient evidence for a post-mortem report and are collaborating with third-party firms on the matter. He announced that they will soon release an incident report and promised to increase investments in security in the future.