Curve Finance, a prominent decentralized finance (DeFi) protocol, is offering a bug bounty reward to anyone who can help identify the exploiter behind a significant incident that drained more than $61 million from its pools on July 30.
Several other protocols affected by the attack have also contributed to the bounty, amounting to over $6 million, in the hopes of encouraging the hacker to come forward.
Recently, the attacker responded to the bug bounty offer on August 3 by returning some of the stolen assets to Alchemix and JPEGd.
However, the hacker did not complete refunds to other affected pools. With the deadline for voluntary returns passed, Curve Finance is now extending the bounty to the public.
The reward stands at 10% of the remaining exploited funds, which currently amounts to $1.85 million USD.
The bounty will be awarded to anyone who can identify the exploiter in a way that leads to their conviction in the courts.
Nevertheless, if the exploiter chooses to return the funds in full, the matter will not be pursued further.
Prior to returning the funds, the attacker left a message seemingly directed at the Alchemix and Curve teams.
In the message, the exploiter claimed to be refunding not out of fear of being caught, but rather to avoid damaging the projects involved.
The attack took place on July 30 and involved the exploitation of vulnerabilities in vulnerable versions of the Vyper programming language through reentrancy attacks.
This led to the drainage of substantial amounts of cryptocurrencies from Curve’s pools, including $13.6 million from Alchemix’s alETH-ETH, $11.4 million from JPEGd’s pETH-ETH, and $1.6 million from Metronome’s sETH-ETH.
The incident exposed weaknesses in various DeFi projects and triggered widespread efforts to recover the stolen funds throughout the DeFi ecosystem over the past week.
In conclusion, Curve Finance is actively seeking to identify the responsible party behind the significant exploit that resulted in substantial losses from its pools.
They are offering a substantial bug bounty reward to incentivize anyone with pertinent information to come forward and help bring the attacker to justice.
The incident has raised awareness of the vulnerabilities present in DeFi projects and spurred efforts to enhance security measures across the ecosystem.
Other Stories:
U.S. Senators Call for Crackdown on North Korea’s Cryptocurrency Funding of Nuclear Program
Latvia Sees Decline in Crypto Asset Purchases Amidst Concerns Over Fraud and Money Laundering
Coinbase CEO Affirms Commitment to US Amid Regulatory Uncertainty
