HomeNFT NewsEthical hacker retrieves $5.4M for Curve Finance amid exploit

Ethical hacker retrieves $5.4M for Curve Finance amid exploit


A white hat hacker has managed to take around 2,879 Ether (ETH), worth around $5.4 million, from an exploiter and returned it to the decentralized finance (DeFi) protocol Curve Finance amid the recent hack. 

On July 30, several stablepools on Curve Finance were exploited due to malfunctioning reentrancy locks on several versions of the Vyper programming language. The losses from Curve Finance are estimated to be around $47 million. However, DeFi protocols that were using the vulnerable versions of Vyper were also exploited, exposing the DeFi ecosystem to a stress test.

On the same day, an ethical hacker seized some of the stolen assets and returned them to Curve Finance. A maximal extractable value bot operator with the username “c0ffeebabe.eth” used a front-running bot against a malicious hacker to secure almost 3,000 ETH. The funds were then returned to the Curve deployer address, which looks to be its rightful custodian. 

Amid the chaos, Twitter accounts impersonating Curve Finance and hack victims are promoting a fake refund scheme targeting those who already lost their funds in the recent hack. The official Curve Finance account has not published any plans for a refund at the time of writing.

Ethical hacker retrieves $5.4M for Curve Finance amid exploit be80cef8 2374 4262 93ae 0c5c9c6793aa
Copycat Curve Finance account promoting a fake refund scheme. Source: Twitter

Meanwhile, BNB Smart Chain has suffered copycat attacks due to the Vyper vulnerability. According to data shared by blockchain security firm BlockSec, around $73,000 was stolen across three exploits. 

Related: Ethereum logs $1M MEV block reward amid Curve Finance exploit

Meanwhile, the U.S. Securities and Exchange Commission has adopted new rules for cybersecurity incidents involving public companies in the United States. The rule requires these companies to disclose a cyberattack four days after being considered “material.” According to the SEC, the rule will also require periodic reporting on policies to identify and manage cybersecurity risks.

Magazine: Should crypto projects ever negotiate with hackers? Probably

Source link

Must Read
Related News


Please enter your comment!
Please enter your name here