Archived tweet

Tweet by Mozaic Fi:

MOZAIC SECURITY INCIDENT What Happened • About 12 hours ago, ~$2M in funds from the Mozaic vaults were drained by a malicious actor • This individual was a Mozaic developer who had illegally obtained the private keys of a security module by compromising the data of a core team member • This security module was intended as a fail-safe vault mechanism prior to the @HypernativeLabs security measures and was in the process of being phased out. This developer was aware of our recent security upgrades and took advantage of the limited window that remained. At the same time, an institutional investor who held a large position decided to exit their MOZ position due to the falling MOZ price/drained TVL. This large sell unfortunately led to cascading sells which resulted in a significant drop in the price of $MOZ. • We are in communication with this fund and maintain cordial and professional relations Our Response • We were notified about this exploit by Hypernative and several other security firms • However, by the time the vault contracts were paused, the funds had already been drained • Together with our security partners, we contacted the exchanges that the funds were traced to ( @MEXC_Official and @binance ), as well as the relevant law enforcement agencies • 90%+ of the stolen funds were sent to MEXC and frozen • We acknowledge that our delay in communicating this incident caused significant distress in the community. However, we were advised to avoid any public statements that may alarm the malicious actor to cause further damage to internal systems. What Happens Now • We are currently sorting out the paperwork to recover the stolen funds on MEXC • Funds sent to Binance were withdrawn on-chain and will require additional time to trace and recover • The malicious actor has since been terminated and legal and criminal charges are being pursued against them. Additional investigations into suspected accomplices are being conducted by our security partners and law enforcement • All Mozaic employees have had their access to internal systems removed until we complete our internal investigation • We will also be conducting a thorough review and redesign of our security architecture to ensure that a similar incident does not occur again TL;DR • This incident was the result of a malicious insider who drained the vaults • The MOZ/xMOZ token, vault contracts, AI - remain uncompromised and secure. • 90%+ of stolen funds are now frozen on MEXC and will be recovered • We are committed to making vault depositors whole, and request the patience of the community while we engage in the necessary procedures with MEXC/Binance and law enforcement. Tweeted at 5:40 PM · Mar 15, 2024