Neo has provided details regarding a recent security breach that affected the N3 Migration service. The attack is still under investigation, however it is believed that the private keys for the two migration wallet addresses were compromised.
The attack was detected on Feb 8. following transactions made from two N3 migration wallet addresses. Approximately 3.4M NEO, 730K GAS, and a mix of NEP-17 tokens were transferred from the migration wallets to three new addresses without corresponding migration transfers on Neo Legacy.
Approximately US $520 in fUSDT, fwETH, fwBTC, and FLM were bridged out of the ecosystem via Poly Network. The attacker also converted fUSDT, FLM, fWBTC, fwETH, and pONT to 223,461 NEO using Flamingo.
To limit damage to the Neo ecosystem and prevent token liquidation, the Neo Council elected to use the Policy native contract to block the three malicious addresses. Achieved using the signatures of 11 out of the 21 members, this prevents the vast majority of stolen funds from being accessed by the attacker.
The N3 Migration service has been temporarily paused. Neo Global Development noted that an announcement will be made when the service is restarted. No user assets are at risk.
The original announcement may be read at the following link: