Security Breach and Recovery
On Oct. 10, Transit Swap, a decentralized finance (DeFi) protocol, announced it had struck a deal with its main hacker following a recent exploit that resulted in a loss of over $23 million in user funds. The hack involved an internal bug on a swap contract that led others to imitate the security breach.
Hacker Returns Stolen Funds
The unnamed hacker returned approximately 70% of the stolen assets, facilitated by major security companies such as Peckshield, SlowMist, Bitrace, and TokenPocket. Through their investigations, these firms successfully traced the hacker’s IP address, email, and on-chain addresses.
Details of the Agreement
Under the terms established on October 10, the hacker will return the remaining 10,000 BNB tokens worth around $2.74 million in exchange for immunity from all legal liabilities related to the attack. Furthermore, they will retain 2,500 BNB (approximately $685,600) as a reward for their ‘white hat’ efforts in revealing the security flaw.
Warnings Issued to Imitators
The Transit Swap team has since called for two imitators of the hacker, as well as one hacker-arbitrageur, to return the remaining stolen funds by Oct. 12. They have indicated that failure to comply will lead to legal action.
Changing Landscape for DeFi Security
At the start of this year, the anonymity of DeFi hackers made exploitations low-risk and high-reward. However, with advancements in blockchain analytics and recent bans like that on the crypto-mixer Tornado Cash, laundering stolen funds has become increasingly difficult for hackers. This trend has led some to return stolen funds while keeping a bounty for exposing security vulnerabilities, similar to past cases such as the Nomad bridge hack.
+ There are no comments
Add yours