CertiK revealed that stolen funds were frozen in collaboration with US and UK law enforcement agencies.
CertiK, a Web3, blockchain, and smart contract security firm, recently announced that they had successfully frozen $160,000 of the stolen funds from the Merlin DEX "rug pull," which saw users lose a total of $1.8 million.
On May 4th, blockchain security firm CertiK used Twitter to comment on the newest development.
Did you know?
Subscribe - We publish new crypto explainer videos every week!
Harmony ONE Explained (Beginner-Friendly Animation)
In its Twitter thread, CertiK revealed that the firm has "successfully frozen $160K of the stolen funds with the help of partners" and added that they continue to track the movement of stolen funds.
The company tried to collaborate with Merlin to recover the stolen funds from the April 25th incident, but their efforts were fruitless. Therefore, CertiK reached out to law enforcement agencies in the US and UK in an attempt to unmask the pseudonymous operators. The company noted:
This lack of cooperation has complicated our efforts to validate and aid victims. We are focusing on working with law enforcement and have submitted information to relevant US & UK agencies.
According to the earlier post, CertiK believes the "rogue developers" are based in Europe.
Regarding the exit scam, CertiK explained that "Merlin insiders abused the owner's wallet privileges," which aligns with their primary finding that the issue stemmed from a private key rather than an exploit.
While Merlin blames its back-end team for the rug pull, CertiK accepts partial responsibility for not adequately informing users about centralization risks. The firm plans to emphasize this aspect more in future audit summaries. They also stressed that smart contract auditors shouldn't be held fully accountable for failing to detect rug pulls, explaining:
Code Audits serve the purpose of uncovering vulnerabilities, not to detect a potential rug pull. Its important to recognize that many projects both large and small have centralization issues flagged, and the vast majority do not result in a rug pull.
Shortly after the exploit, CertiK launched a $2 million compensation plan for investors affected by the rug pull.
CertiK's actions to freeze $160,000 of stolen funds emphasize the importance of transparency and cooperation in the crypto space, as well as the need for improved communication regarding centralization risks.