A pseudonymous white hat hacker has recovered about 1,003 Ether, worth $2 million, from a faulty smart contract linked to the 2016 Hong Coin initial coin offering-funds that were stuck for nearly a decade.
The hacker, known as "0xflorent," announced the recovery on X. The ICO, which was meant to fund a decentralized venture capital fund, never launched because it failed to reach its goal. The smart contract was supposed to auto-refund investors, but a bug in the refund function broke that mechanism, leaving the Ether locked.
Data from Etherscan shows one investor has already received 96 ETH, worth roughly $192,500. Another 0.5 ETH was returned to a different holder. 0xflorent said they worked with the Hong Coin creators to exploit an admin function with an integer overflow vulnerability, resetting token holders' balances and triggering the refund process.
Hong Coin was first pitched in 2016 as a community-run venture fund where members of a decentralized autonomous organization would decide on projects to back. The ICO ran from August 29 to October 28, 2016, but failed to reach its funding threshold.
Last month, 0xflorent also recovered 19.33 ETH from another failed ICO and a Liquality Wallet user's trapped funds.