More updates about the hacking event on June 21, UTC Hackers | RACA Announcements

More updates about the hacking event on June 21, UTC

Hackers attacked the RACA withdraw service on June 21, UTC. The attack occurred because our operation and maintenance engineers work globally and remotely. They use their home internet to access the RACA backend service. The computer of one engineer was infected with a Trojan virus. The hacker obtained the server permission of the RACA withdrawal service and got the private key and withdrawal signature. Through forged transactions, a total of 698 million RACA in the associated smart contract of the withdrawal service was transferred to the hacker's wallet address 0x987984e53ba32d133a190f79272028a7ec5beeb9.

RACA team statement:

1. High-standard security specifications and workflow have been implemented in the team, and similar security issues will not occur again.

2. It is hoped that the attacker can return 598 million RACA, and the remaining 100 million RACA will be used as a reward for the attacker as a white-hat hacker. If this 698 million RACA has been sold for a stablecoin, we would like the white hat hackers to transfer back 80%. The remaining 20% goes as a white-hat hacker bounty. The wallet address to return RACA or stablecoin: 0x039980Da0E99D3976E95a93fDE97AdB4103Fc17b

3. We hope that the attackers can cooperate with us to recover the stolen RACA, otherwise, RACA team reserve the right to take legal action.