Missing from the article - the hacker first compromised Resolv Lab's AWS account, took a private key from KMS that was used to control minting, then managed to extract $25 million into ETH before all protocol functions were suspended.
Do you have a source for that information? I'd like to read more on it.
It's explicitly mentioned in the article:
> A step by step breakdown of the attack
>
> Step 1. Gaining Access to Resolv’s AWS KMS Environment
> took a private key from KMS
They used KMS to sign the minting operation, but they didn't "take" the key, AWS KMS doesn't let you extract keys.
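
Since a key that cannot be exported can only be used through the KMS API, each use appears as a `Sign` event in CloudTrail. The sketch below is an added example, not part of the thread or of any Resolv tooling: it checks such events against an allow-list of principals and source networks. The event fields follow CloudTrail's record layout; the key ARN, role names, IPs and policy are constructed placeholders.

```python
import ipaddress

# Constructed CloudTrail-style records; account id, key id, roles and IPs are placeholders.
KEY = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"
SIGNER = "arn:aws:sts::111122223333:assumed-role/minter-service/session"
OTHER = "arn:aws:iam::111122223333:user/ci-deploy"

def _ev(time, name, ip, arn, error=None):
    ev = {"eventTime": time, "eventSource": "kms.amazonaws.com", "eventName": name,
          "sourceIPAddress": ip, "userIdentity": {"arn": arn},
          "requestParameters": {"keyId": KEY, "signingAlgorithm": "ECDSA_SHA_256"}}
    if error:
        ev["errorCode"] = error
    return ev

EVENTS = [
    _ev("2024-01-01T10:00:00Z", "Sign", "10.0.4.17", SIGNER),            # expected use
    _ev("2024-01-01T10:05:00Z", "GetPublicKey", "203.0.113.50", OTHER),  # not a Sign call
    _ev("2024-01-01T10:06:00Z", "Sign", "203.0.113.50", SIGNER),         # right role, wrong network
    _ev("2024-01-01T10:07:00Z", "Sign", "10.0.9.9", OTHER),              # wrong principal
    _ev("2024-01-01T10:08:00Z", "Sign", "ec2.amazonaws.com", OTHER, "AccessDenied"),
]

# Hypothetical allow-list: which principals may sign with which key, and from where.
POLICY = {KEY: {"principals": {SIGNER}, "networks": [ipaddress.ip_network("10.0.0.0/16")]}}

def review_sign_calls(events, policy):
    """Return (eventTime, reasons) for each kms:Sign call outside the allow-list."""
    findings = []
    for ev in events:
        if ev.get("eventSource") != "kms.amazonaws.com" or ev.get("eventName") != "Sign":
            continue
        key = (ev.get("requestParameters") or {}).get("keyId")
        rule = policy.get(key)
        if rule is None:
            findings.append((ev["eventTime"], ["key-not-in-policy"]))
            continue
        reasons = []
        if (ev.get("userIdentity") or {}).get("arn") not in rule["principals"]:
            reasons.append("principal")
        try:
            ip = ipaddress.ip_address(ev.get("sourceIPAddress", ""))
            in_net = any(ip in net for net in rule["networks"])
        except ValueError:  # CloudTrail may record a service name instead of an IP
            in_net = False
        if not in_net:
            reasons.append("network")
        if ev.get("errorCode"):
            reasons.append("denied:" + ev["errorCode"])
        if reasons:
            findings.append((ev["eventTime"], reasons))
    return findings
```

The comparison uses `keyId` exactly as the caller passed it, so a deployment that signs via an alias or bare key id would need those forms in the policy as well.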