White-hat recovers $2M from 2016 Hong Coin ICO

Pseudonymous white hat 0xflorent recovered about 1,003 ETH (≈$2M) from the Hong Coin 2016 ICO by exploiting an admin integer-overflow bug that reset balances and enabled refunds.

A pseudonymous security researcher known as 0xflorent recovered roughly 1,003 ETH, about $2 million, from a Hong Coin smart contract that held investor funds from a 2016 initial coin offering. The recovered Ether came from 48 investor addresses tied to the failed ICO.

Hong Coin ran its token sale from Aug. 29, 2016, to Oct. 28, 2016. The project proposed a community-run venture capital fund and planned to distribute 250 million HONG tokens across five stages. The sale did not meet its funding threshold, and contributors were supposed to receive automatic refunds, but a flaw left the refund mechanism inoperative and funds trapped in the contract.

On X, the researcher described using a privileged admin function with an integer overflow vulnerability to reset token holder balances and re-enable the refund check. The post noted cooperation with Hong Coin’s creators to demonstrate how that function could be used to release the locked Ether.

Public Ethereum block data show refunds reaching some addresses after the intervention. One investor address received 96 ETH, now worth about $192,500, and another address was returned 0.5 ETH. The total returned from the contract to date is about 1,003 ETH.

An integer overflow occurs when the result of a calculation exceeds the maximum value its integer type can hold and wraps around, producing unintended results. In this case, the overflow allowed an admin-level call to set a holder’s balance to a value that satisfied the contract’s refund condition, enabling the refund logic to execute.
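The wrap-around described above can be modeled in a few lines. This is an added illustration, not code from the Hong Coin contract or from the researcher. The `Ledger` class, the `admin_credit` function, the holder name and the balances are hypothetical. It shows why an unchecked add lets a privileged "credit" call act as an arbitrary "set", and how checked arithmetic (the default in Solidity 0.8 and later) rejects the same call.

```python
# Added illustration: a hypothetical model, not the Hong Coin contract.
UINT256_MAX = 2**256 - 1


class Overflow(Exception):
    """Raised by checked arithmetic, like a revert in Solidity >= 0.8."""


def add_unchecked(a: int, b: int) -> int:
    # EVM ADD semantics: the result is silently reduced modulo 2**256.
    return (a + b) & UINT256_MAX


def add_checked(a: int, b: int) -> int:
    # SafeMath-style add: refuse any result that does not fit in uint256.
    if a + b > UINT256_MAX:
        raise Overflow(f"{a} + {b} exceeds uint256")
    return a + b


class Ledger:
    """Hypothetical token ledger with an admin-only balance adjustment."""

    def __init__(self, balances, add):
        self.balances = dict(balances)
        self._add = add

    def admin_credit(self, holder: str, amount: int) -> int:
        # Assumed admin function: adds `amount` to a holder's balance.
        self.balances[holder] = self._add(self.balances.get(holder, 0), amount)
        return self.balances[holder]


def delta_to_reach(current: int, target: int) -> int:
    # With wrapping addition, some uint256 delta maps any balance to any target.
    return (target - current) & UINT256_MAX


def demo():
    start = {"holder_a": 5_000}   # constructed sample balance
    target = 1_200                # constructed value below the current balance
    delta = delta_to_reach(start["holder_a"], target)

    wrapped = Ledger(start, add_unchecked).admin_credit("holder_a", delta)
    try:
        Ledger(start, add_checked).admin_credit("holder_a", delta)
        rejected = False
    except Overflow:
        rejected = True
    return wrapped, rejected
```
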

The researcher previously helped recover 19.33 ETH in January from a failed ICO and a user with funds stuck in a cross-chain transfer protocol. The recent actions restored funds to long-waiting contributors after the Ether had been inaccessible for nearly a decade.
