Hacker returns stolen funds after DeFi exploit, receives a bounty

This week, an unexpected development regarding the hacker who seriously disrupted the DeFi system took place. They decided to return all of the money they had taken after being offered an incentive by the affected networks. This brings to an end a period that was very unsettling for those working in the cryptocurrency industry.

On their Twitter page, Alchemix shared the news, which was well-received. They claimed that a hacker had successfully recovered all of the money that had been taken from their CurveFinance pool.

On July 30, over $61 million of funds were stolen from various DeFi projects such as Alchemix, Metronome, and JPEG’d. The majority of the money taken was from Alchemix – a staggering amount of around $45 million – adding to the difficulties experienced by decentralized platforms.

The hacker’s actions were interesting in that they took an unexpected turn. The process of recovering the stolen assets was started on a Friday by the person who last week took advantage of flaws in the Vyper programming language. 4,820 Alchemix ETH (alETH), worth a total of about $8.3 million, were returned to the wallet of the Alchemix team.

There were several stages to the restoration. Following a test return of 1,000 alETH, the hacker continued with the return of 3,819.6 tokens to finish the refund.

The parties involved worked together to bring about this turn of events. On August 3, Curve, Alchemix, and Metronome—all victims of the exploit—issued a joint statement. They stated in this message that if 90% of the funds were returned by August 6, they would forego taking legal action against the hacker. They provided an incentive in the form of a bounty equal to 10% of the seized property.

A message posted on August 4 revealed some of the hacker’s intentions. The message expressed a desire to return the stolen assets in order to protect the projects from further damage rather than out of fear of being discovered.

The hack’s aftermath reverberated throughout the market and had a number of negative effects. The exploit caused a significant drop in the value of Curve’s CRV token. For a $60 million loan secured by Curve founder Michael Egorov, who had used CRV as collateral across several DeFi lending platforms, including Aave and Frax Lend, the decline in CRV’s price increased the risk of liquidation.

As a result of Egorov’s position, borrowers withdrew their stablecoins from lending platforms in an effort to prevent losing the tokens they had lent out. In response to these developments, a group of investors conducted over-the-counter transactions to raise the price of CRV and allay community concerns.

The price of CRV increased by only 5%, to $0.62, as the hacker started the process of returning the stolen funds. The token hasn’t yet fully recovered to its $0.75 pre-hack value, highlighting the exploit’s long-lasting effects.

The unfolding events in the aftermath of the hack have highlighted the increasingly transparent and interactive nature of post-hack negotiations within the blockchain space. This approach contrasts with traditional security breaches and showcases how blockchain serves as a public platform for communication between hackers and their victims. Notably, this trend mirrors the $200 million hack of the Euler lending platform in March, which featured extensive on-chain interactions between the involved parties.