The actions of the pNetwork DeFi protocol team in the recent incident with the tokens of the Gala Games game project were not an operation of a “white hacker”, but a malicious hacking for profit. This is stated in the statement of the Huobi exchange.
On November 3, unknown persons issued ~55.6 billion synthetic pGALA tokens worth up to $2.2 billion in the BNB Chain network. They sold part of their assets through DEX PancakeSwap, raising over $4.5 million. According to Huobi, a further coordinated attack from several addresses brought the attackers even more than $ 10 million in profit through arbitration.
Then pNetwork explained that they had discovered a vulnerability in the pGALA smart contract. The actions of the developers were allegedly an attack by a “white hacker” to prevent a possible exploit. The platform’s statement was confirmed by the president of Gala Games for blockchain, Jason Brick.
“We believe that this is a deliberate attack planned by the pNetwork team, and the white hacking operation is just an illegal excuse that pNetwork is looking for to avoid legal consequences,” Huobi says.
The exchange claims that it has solid grounds for such a conclusion.
Among the arguments , the company indicated:
the vulnerability appeared in the smart contract 67 days before the incident, and nothing confirmed that it could be used by anyone from the outside;
the developers warned Huobi about their actions through unofficial channels 50 minutes before the “hack”, leaving no time for an adequate reaction;
according to the statement of pNetwork, the issue of 55.6 billion pGALA was intended to compensate for the liquidity pool on PancakeSwap, but its volume was only about $ 400,000.
Huobi noted that the Gala Games and pNetwork teams “could have used a more secure method of eliminating the vulnerability”:
“However, they decided to hide the facts and carried out a massive attack using 55.6 billion tokens within 50 minutes after contacting the exchanges. This is a malicious attack motivated by profit, and it amounts to an act of terrorism against innocent users and the platform. The entire industry has been dealt a huge blow as a result of this incident.”
The exchange contacted the pNetwork team to negotiate “reasonable compensation” for the victims. At the time of publication of the statement, Huobi had not received an “acceptable response.”
“In view of the unconfirmed unilateral statement by pNetwork about the GALA incident, which seriously contradicts the facts, this shows how the project team is trying to evade responsibility, causing significant damage to Huobi Global users. […] In order to fulfill our obligations to customers, we will take the initiative to organize and represent [the interests of] victims. We will work with partners to use all legal means, including class action lawsuits and filing police reports, to investigate and file criminal charges against offenders from pNetwork,” the exchange team said.
Huobi called on those who took advantage of the vulnerability to return “illegally obtained profits.
” The company is ready to pay the attackers from the bounty fund in the amount of $ 1 million and not file lawsuits against them.
“We strongly condemn Huobi’s false accusations against pNetwork and will seek legal action. We have documentary evidence that pNetwork acted in good faith and all actions were agreed in advance with Gala Games,” the DeFi Protocol team replied.
According to representatives of pNetwork, the exchange confirmed receipt of the warning after two minutes, but blocked deposits only after a few hours. They also refuted the statement that the protocol received any profit from this operation.
Recall that the losses of the Web3 industry from exploits since the beginning of the year have approached $ 3 billion. October became a record with damage of $760.2 million.