Baptism by fire: How a hack made the Probinex crypto project even stronger than before
In the past two months, there were more hacks in Central Europe compared to the whole year altogether. Even technological giants such as T-Mobile became subject to sophisticated attacks resulting in temporary limits of their service. The Probinex project was not exempt and attackers tried its settings as well. But a well-set security system and the determination of the whole team turned this incident into an opportunity. In this article, we provide step-by-step documentation of what happened and what it resulted in.
The Probinex project became subject to a highly sophisticated hacker attack in the early evening hours of Friday, 14 October, 2022. Fortunately, immediately after its launch, the security system reacted automatically, which prevented any compromise of client data or resources. This was immediately followed by the activation of a protocol designed specifically for such cases.
The crisis team convened within 40 minutes of discovering the problem. Under the guidance of management and security experts, pre-prepared scenarios were deployed and initial analyses of the event were conducted.
Initial results showed that an unknown attacker had managed to access two operational wallets and compromise 59,600,000 PBXs, 5.96% of the total native tokens issued. The compromised portion of the wallets were in a lower security layer for operational reasons. Although there are very strong security features in place here as well, the attacker was able to breach them. However, no client data nor wallets were compromised during the attack.
Later in the evening, Adam Neuberger, co-founder of the Probinex project, began to regularly inform clients via the social network Telegram.
“At 22:30 we first communicated that a tiny part of the tokens had been stolen and that the attack had been located and isolated. The message also included assurance that all data and resources of all clients of the project remained unaffected by the attack. Over the night, the entire team was then on standby and began working to remediate the situation,” Adam explained on how the attack was handled.
Client transparency first and foremost
The following day, active communication with clients continued right from the morning. The first to go out was an alert about the token’s unusual market price and a notice to not trade the token. There was also intensive communication with the representatives of the ProBit exchange — eventually a decision was made to suspend deposits and withdrawals of PBX tokens, and trading was also shut down. There was a risk that the hacker still held a significant amount of PBX that could be monetized on the Probit exchange.
During the afternoon, the first detailed information on the whole incident was communicated to clients. They were able to learn more details about how the attack took place and what the damage was. Further in-depth analyses of all aspects of the attack were also carried out throughout the day.
“In the evening, we sent the first official email so that all non-Telegram clients were also informed. As a precautionary measure, some back office functions were also restricted. Intensive work was then carried out the next night to mitigate the consequences of the attack,” added Adam Neuberger.
A new PBX token rose from the ashes
Sunday morning kicked off with a warning to clients that the attacker may still be holding stolen tokens and using them to manipulate the market. The publication of FAQs from clients began, along with the publication of appropriate responses.
Throughout the day, there were discussions about the future of the project and the direction it will continue to take. In the evening, an important meeting was called to make the final decision.
After evaluating several possible steps, Operation Phoenix was born, which represented the chosen solution — the issuance of new PBXs that would rise from the ashes of existing tokens, like the mythical phoenix bird.
Moreover, the creation of a new token brought the possibility of enriching the new smart contract with several important features that will greatly facilitate the handling of any similar situation that could possibly arise.
Since the whole process of releasing a new token involves a lot of administrative details, a roadmap was also created to give clear assignments to all team members. At the same time, clients could see what steps the project was currently taking and what would follow.
New token emission step by step
At the beginning of the whole process was the creation of a new smart contract. This was equipped with additional features that could help to deal with the situation more quickly in the event of future token misuse.
It was also decided that the entire contract would undergo a thorough audit by CertiK. The stamp that this company has put under the contract can serve as a reassurance for all PBX token users in the future. Anyone can now transparently verify that the contract has been audited by the true leaders in the industry.
As soon as the contract was established, it was possible to proceed with the issuance of a new token. Along with the issuance came the process of refund and exchange — the so-called token swap. A special contact form was created through which anyone could request a refund of funds that had been used in good faith to purchase PBX tokens until the sale of PBX on the ProBit exchange was completed.
A form was also set up for selected groups of clients to exchange their tokens. Other groups were then exchanged automatically as a matter of convenience.
The final step of Operation Phoenix will be to list the new token on the ProBit exchange. At that point, the new PBX token will be definitively born.
“In addition to the new token and the valuable experience, we will also take away one important lesson from this event. That is the conviction that we are moving in the right direction and that we are doing everything right. In a short time, we have managed to build a project of such importance and reach that it has even been in the crosshairs of these attackers.”
“What’s more, we have found that the whole team can pull together and go after a common goal with tenacity. We are not discouraged by such incidents, which we believe we will eventually look back on as just small hiccups in an otherwise successful journey,” Adam concluded this chapter of the Probinex project.
Apart from the valuable experience and a cohesive team, the project has discovered another very important thing. This is the loyal community of supporters who have been behind the project from the beginning. It was this loyalty and strong support throughout that motivated the team to work.
Probinex plans to rely on this community in the future to meet its next milestones, which are to create an ecosystem of products that will help bring the world of cryptocurrencies to a wider audience and bring blockchain technology to the people.
