Dear Team Finance Community,
We are issuing this statement to provide full transparency regarding an incident that occurred on Sunday, February 9th, 2025, affecting a project using our free Team Finance staking pool service.
Our monitoring systems immediately detected unauthorized activity, and we acted swiftly to contain the issue. However, within a short window of time, this project (Crypto Autos) was impacted, resulting in the removal of tokens from their staking pool.
This was an isolated incident that has been fully resolved. We had this statement ready shortly after the incident, but we were required to obtain proper authorization from the relevant authorities before releasing the details below.
Incident Overview
The incident occurred following a minor patch to our audited staking service intended to support a client experiencing an issue with an incompatible token. There was a vulnerability in the patch that was exploited, leading to a withdrawal of an unauthorized amount of reward tokens.
The wallet address 0x774bCC693202f7806840f22f31FC5e654658C8E6 retrieved 17,963,000 AUTOS tokens in the following transaction at 3:00 am UTC on Sunday, Feb 9th, 2025:
https://etherscan.io/tx/0x905c7ae05fd19e1fb4cda99541392d9873b465f198b05d6af464bbabe0d67b72
At Team Finance, we prioritize security by regularly auditing and monitoring our smart contracts to maintain standards of reliability and trust. However, even we cannot guarantee the complete absence of potential bugs. As such, we strongly encourage all projects to conduct their own due diligence and testing to ensure proper functionality within their specific environment.
The deployed update underwent code reviews, peer reviews and testing, both internally and by Bailsec, our auditor and external security partner, who has conducted a full audit on our original staking contract and reviewed our latest deployment.
We immediately rolled back the affected smart contract on Ethereum mainnet (https://etherscan.io/tx/0x36735e6d8a084942cdbec9998e878b6628cd41cb564046faee60db2979eb97b9) and stopped any further risk of unauthorized withdrawal.
Our Response & Next Steps
- Support for Affected Project: We are in direct communication with the impacted project to assess the situation and provide necessary assistance.
- Investigation & Recovery: We are helping the impacted project by actively working with ZeroShadow Cyber Security Services to trace the funds and are collaborating with authorities to pursue the recovery of the missing funds.
- Security Enhancements: We are reinforcing our internal processes to prevent similar incidents, including the removal of any custom implementations to minimize risks from minor updates, and expanding our audit coverage to ensure that even the smallest updates undergo full security review.
Commitment to Security
Security remains our priority, and we are taking all necessary steps to ensure Team Finance continues to provide a secure and reliable platform for our users. We always follow the advice of our security partners and the authorities in these matters.
We will provide further updates and we appreciate the patience and trust of our community.
The Team Finance Team
Additional statement requested by the project affected
CryptoAutos' staking pool has been impacted by the incident. From the moment suspicious movements were detected, both teams have been communicative and transparent with their community, while focusing on securing a resolution.
We are incredibly grateful for the unwavering support of our community and partners who have stood by us with integrity and respect. This was not a failure of CryptoAutos' technology, staking services, or our team. Our infrastructure remains secure, and our commitment to our users is unwavering.
Challenges like this are unwelcome but they test resilience. They also define character. We remain steadfast in our mission and will continue to push forward with clarity, strength, and the full weight of our principles.