Whitehat Hacker Unlocks $2M Stuck in 2016 Ethereum ICO Contract

A coding error in a 2016 ICO smart contract trapped $2 million in ETH for nearly nine years due to a broken refund mechanism.
The contract’s admin function contained an integer overflow vulnerability, which a researcher exploited to unlock the frozen funds.
The recovery process involved the researcher collaborating with the HongCoin team to safely execute the refund, avoiding unilateral action.

A white hat hacker has retrieved about $2 million worth of Ethereum (ETH), specifically 1,003.62 ETH, that was locked in a malfunctioning smart contract from a 2016 token sale. The 48 original investors in Hong Coin (HONG) can now access the funds they invested nearly nine years ago.

A hacker nicknamed “0xflorent” successfully retrieved approximately $2 million (1,003.62 Ξ) that had been locked in a flawed smart contract from a 2016 initial coin offering (ICO). The hacker identified and exploited a bug in the contract’s refund system on the Ethereum network, safely releasing the funds. This incident demonstrates that problems with early smart contracts can still impact investors years after the original projects have failed.

A security researcher successfully recovered approximately $2 million worth of Ethereum (Ξ) that had been locked in a smart contract from a 2016 initial coin offering (ICO). For nine years, 48 original investors were unable to access their funds, but this recent ‘white-hat’ exploit has made it possible for them to reclaim them.

— 0xflorent.eth (@0xFlorent_) May 31, 2026

Smart contract bug traps ICO funds

Hong Coin (HONG) launched a funding drive in late 2016, aiming to create a community-managed venture capital fund where members would vote on which projects to invest in. The plan was to distribute 250 million HONG tokens over several funding rounds. However, the campaign didn’t reach its funding goal. The smart contract was designed to automatically return the funds to the 48 investors if this happened, but a mistake in the code prevented the refunds. As a result, the investors’ money remained locked and inaccessible for nearly nine years.

Security researcher 0xflorent discovered a flaw in the contract’s admin function. This vulnerability, an integer overflow, allowed a specific input to reset user account balances and initiate refunds. As 0xflorent explained, exploiting this function could essentially unlock the refund process for any user.

How the cooperative recovery worked

The process for regaining access was designed to require teamwork, preventing any single person from acting alone. 0xflorent contacted the HongCoin team and first tested the recovery steps on a practice version of Ethereum. Then, the HongCoin team’s designated signers completed the necessary transactions. This recovery method relied on a special function that could only be activated by the project’s multisignature setup, making collaboration crucial.

The unlock involved two paths for the 48 investors:

  • 41 transactions used the integer-overflow workaround for larger holders whose balances were blocked by the refund-cap bug — one transaction per blocked holder.
  • 7 holders held small enough balances to be refunded directly without needing the workaround.

That completes the accounting for all 48 original participants. Consequently, investors were able to reclaim their Ether after years of no activity on the contract.

Blockchain data confirms the refund process is functioning as expected. According to information from Etherscan reported by Cointelegraph, one HONG investor has already received roughly 96 ETH (valued at approximately $192,500), and another received 0.5 ETH.

Rising role of ethical hackers

As more lost or stolen funds are discovered in older cryptocurrency contracts, security experts—often called ‘white hats’—are becoming increasingly important. Recently, Renegade.fi helped recover around $190,000 after a security breach on the Arbitrum network. In this instance, the majority of the funds were returned quickly after communicating with the person who exploited the contract.

Security researcher 0xflorent recently rescued around 19.33 ETH that was stuck in unsuccessful initial coin offering (ICO) contracts and during transfers between different blockchains. The funds were inaccessible because refund processes weren’t working and time limits had passed.

I recovered 19.329 Ether (worth $40,590) and returned it to its rightful owners. These funds had been locked in outdated contracts for years, and could be retrieved using publicly available functions that no one had previously activated.

— 0xflorent.eth (@0xFlorent_) May 24, 2026

Security experts point out that problems often arise from unnoticed or concealed parts of smart contracts, which can lock up users’ money. Both malicious hackers and security researchers frequently look for the same weaknesses in these contracts. This means designing secure smart contracts remains a constant challenge for the entire decentralized finance world.

2026-06-01 16:35