- 8ight Finance has admitted that its “opsec was low” after its treasury was hacked
- Around $1.73 million worth of stablecoins were stolen from the 8ight Finance wallets after the private keys were compromised
- 8ight Finance has promised a new project and an airdrop to holders
8ight Finance, the OHM fork on the Harmony blockchain that saw some $1.73 million worth of stablecoins stolen from its treasury, has admitted that its “opsec was low” after revealing that the private keys to the treasury wallets were sent through Facebook chat and Google Drive. 8ight Finance was only launched in October, but just weeks after launching its entire treasury wallet has been emptied, with the contents all sent to Ethereum mixing service Tornado Cash.
Our private key got compromised and the funds have been transferred out of the treasury.
Detailed of the incident provide in threads below
For future information, please join our discord
— 8ight Finance ( 🎱 , 🎱 ) – Harmony | ONE (@8ight_finance) December 7, 2021
8ight Finance Admits Errors
8ight Finance discussed the details of its hack in its Discord server, explaining how the hack took place:
Two devs in the team has the key, they were sent through Facebook groups chat and Google Drive. This is our first project so we must admit our opsec was low.
Investors were incredulous with these parlous security measures, with one joking “They should have posted it on Instagram”, while others immediately ran to the theory that the team performed a rug pull:
Compromised my ass…the team has rugged funds
— nerva (🔺,🔺) (@nervaproject) December 7, 2021
Recovery Plan Receives Short Shrift
The team has begun to work on a recovery plan that involves rebuilding the project to look like the iteration the team was working towards when it was hacked. This will include putting the remaining funds, $250,000 of marketing, towards the new venture and offering an airdrop to all 8ight Finance token holders.
However, the response to the plan showed just how bad the community sentiment remains:
8ight Finance is clearly going to have to work hard to rebuild trust in its user base.