Crypto Hackers’ Tendency Toward Returning Stolen Funds Rises In 2023’s First Half! What’s the Reason?

The first half of 2023 has brought an unexpected twist for the crypto market, which has always been a favourite target for cybercriminals. However, as the number of crypto hacks surged in an alarming fashion, a surprising trend began to emerge from hackers as they now started returning the stolen funds. This event surged exponentially this year, leaving many wondering whether hackers are supporting the growth of crypto by spotting vulnerabilities. 

Hackers Stole Over $700 Million From 260 Crypto Projects 

In the initial quarter of 2023, cryptocurrency attacks resulted in thefts amounting to approximately USD 400 million, spanning nearly 40 incidents. This represents a substantial decrease of 70% compared to the corresponding period in 2022. 

Interestingly, the total value pilfered via crypto hacks in Q1 2023 was lower than any quarter of the previous year. The decline in the stolen amount was notably more pronounced than the drop in cryptocurrency prices during the same timeframe.

During the second quarter of 2023, crypto hacks and exploits led to the loss of over $300 million in digital assets. The quarter witnessed a total of 212 security breaches. These incidents resulted in malicious entities extracting a total of $313,566,528 from Web3 protocols. When compared to the second quarter of 2022, which saw a loss of $745 million due to hacks and exploits, this quarter underscored a 58% reduction in the total amount lost.

Hackers Continue To Return Funds! Curve Exploiter Supports The Project

In an interesting trend, hackers have been progressively returning the stolen funds, opting instead for a “white hat” reward offered by the compromised projects. In 2023, victims of these hacks managed to recover nearly half of the stolen funds.

For example, the perpetrator who siphoned off $61 million from the decentralized exchange, Curve Finance, has partially returned the stolen cryptocurrency following discussions with one of the victims on Friday. 

In a message associated with an Ethereum blockchain transaction, the offender requested Alchemix, one of the victims of the theft, to verify the protocol’s address for the return of the assets. Shortly thereafter, the individual transferred nearly $10 million worth of Ether (ETH) and alETH to Alchemix’s multi-signature wallet through several transactions, as evidenced by blockchain data on Etherscan.

Moreover, JPEG’d, a protocol for nonfungible tokens (NFTs) and decentralized finance (DeFi), has verified the return of 5,495 Ether, approximately valued at $10 million at present rates, by the Curve Finance hacker.

The hacker, who had stolen the funds on July 30, received a bounty of 610.6 ETH (around $1.1 million) in return for restoring the stolen assets.

More Examples Of Hackers’ 180 Flip

An attacker who manipulated the TenderFi protocol returned half of the $1.6 million acquired from the attack, receiving an $850,000 bounty from TenderFi in exchange. In a similar incident, the hacker responsible for the exploit of the Euler lending protocol consented to return the entire $200 million worth of cryptocurrency that was stolen. 

Both these breaches occurred in March. In April, the individual who exploited the Safemoon protocol returned $7.1 million worth of cryptocurrency, retaining the remainder of the $9 million haul.

High Profile Enforcement Cases And Tight Regulations May Be The Explanation 

A plausible reason for this trend could be the rising regulatory scrutiny towards crypto hacks, coupled with several high-profile enforcement cases. Primarily, cryptocurrency exchanges are intensifying their Know Your Customer (KYC) and Anti-Money Laundering (AML) policies, which makes it more challenging to liquidate stolen coins. 

Concurrently, the Ethereum mixing protocol Tornado Cash, a widely used tool for money laundering in the Ethereum ecosystem, has been under U.S. sanctions since August 2022. This has resulted in the automatic blacklisting of all Tornado-related funds on any regulated exchange.

Furthermore, the case of Avraham Eisenberg, recognized as the first individual to be arrested for a DeFi exploit, could be acting as a deterrent. Eisenberg manipulated the Mango Markets protocol and openly confessed to it, thereby exposing the protocol’s weakness. He was apprehended in Puerto Rico in December, which might be serving as a cautionary tale for others.

An alternative hypothesis could be that hackers are showing sympathy towards crypto projects and aiding their development. A substantial hack on a crypto project like Curve can lead to the protocol losing its ambitious objectives, roadmap, and future while also impacting users’ funds. 

In this context, the Curve exploiter stated in a message,

“I saw some ridiculous views, so I want to clarify that I’m returning the funds not because you can find me but because I don’t want to ruin your project. Maybe it’s a lot of money for a lot of people, but not for me.” 

This suggests a sense of remorse towards the affected projects.

This Won’t Last Long

Sadly, this drop in crypto thefts is probably just a short break and not a lasting change. The way crypto hacks work, how much the thefts have slowed down, and what we’ve learned from past patterns give us a clearer picture of what’s happening.

Most of the money stolen from crypto platforms and users comes from a few big attacks. This can make the total amount stolen change a lot from month to month. According to a study, the ten biggest hacks in 2022 made up about 75% of all the money stolen that year.

Also, looking at individual six-month periods doesn’t really help us guess how much money will be lost to hacks over the whole year. The amount of money stolen and the number of attacks in the first three months of 2023 were similar to what happened in the third three months of 2022. But then, there were a record number of hacks, making 2022 a year with the most stolen money ever. 

Source: https://coinpedia.org/research-report/crypto-hackers-tendency-toward-returning-stolen-funds-rises-in-2023s-first-half-whats-the-reason/