Lending platform Alchemix recently made a significant announcement, reporting the successful return of all the funds stolen during the Curve Finance hacker attack on July 30.
The attack had resulted in a massive loss of over $61 million in cryptocurrencies, with $13.6 million drained from Alchemix’s alETH-ETH pool.
The hacker had also targeted JPEGd’s pETH-ETH pool, causing an outflow of $11.4 million, and Metronome’s sETH-ETH pool, which lost over $1.6 million.
The hacker exploited vulnerabilities in the Vyper programming language through reentrancy attacks to execute the heist.
To reclaim the stolen funds, the hacker agreed to a bug bounty offer. On August 3, Curve, Metronome, and Alchemix jointly launched an initiative, promising a 10% bounty reward to anyone who returned the seized funds.
They urged the perpetrator to give back the remaining 90%, potentially amounting to around $7 million.
Surprisingly, less than 24 hours after the offer was announced, the original attacker began returning the stolen funds.
The process started with the hacker sending back 4,820.55
Alchemix ETH (alETH) to the Alchemix Finance team. Eventually, on August 5, the transaction was fully completed.
READ MORE: JPEG’d DeFi Protocol Recovers $10 Million in Stolen Crypto After Hacker Returns Funds
In an on-chain message that appeared to be directed at the Alchemix and Curve teams, the attacker stated the reason for the return.
The individual claimed to be refunding not because they feared being identified but rather because they did not wish to “ruin” the projects involved.
JPEG’d, the nonfungible token protocol affected by the attack, also received a refund from the hacker. The hacker returned 5,495 Ether to the protocol.
As part of the bounty offer, JPEG’d decided not to pursue legal action against the perpetrators, considering the event as a white-hat rescue.
With the return of the stolen funds, Alchemix, Curve Finance, and JPEG’d can now focus on rebuilding and securing their platforms.
This outcome highlights the importance of bug bounty programs and collaborative efforts among crypto projects to address security breaches and protect their users from potential risks.
While the incident caused significant damage, the swift response from the involved parties and the hacker’s willingness to return the funds offer a glimmer of hope for the DeFi community, emphasizing the need for continued vigilance and security measures in the rapidly evolving world of cryptocurrencies.
Other Stories:
Bitcoin’s Hodl Strategy Outperforms Crypto Funds by 68.8% in H1 2023
Elon Musk Puts Rumors to Rest: X Has No Plans to Launch Crypto Tokens
Chamber of Digital Commerce Publishes Impactful Analysis on SEC’s Ripple Lawsuit