- Using a price oracle flaw, the exploiter got away with $1.59 million worth of assets.
- The DeFi protocol reported that the hacker had agreed to refund all debts.
With the lure of a $97,000 Ether reward, the hacker responsible for the vulnerability on the decentralized lending platform Tender.fi has returned the stolen assets. At 10:28 am UTC on March 7, an exploit was carried out, and Tender.fi confirmed the event on Twitter shortly afterward, saying that there had been an extraordinary volume of borrows and that the service had suspended all borrowing.
Using a price oracle flaw, the exploiter deposited 1 GMX token, worth around $71 into the system and borrowed $1.59 million worth of assets. After negotiating with the “White Hat” exploiter for eight hours, the DeFi protocol reported that the hacker had agreed to refund all debts minus a “bounty” of 62.16 ETH, or almost $97,000.
Both the Parties Involved Benefit
Furthermore, one more hour passed before Tender.fi tweeted the news that the exploiter had paid off the debt. Exploiters were drawn to the cross-chain Nomad Bridge in August of last year, when they stole $190 million in a smart contract hack that took less than three hours to complete.
It’s possible that some of the people behind the exploits were really ethical hackers who were only seeking to steal money for later use. In recent months, the bug bounty program has gained traction in the cryptocurrency industry. The hacker is essentially compensated for restoring payments and also for helping identify potential vulnerabilities in the system.
Moreover, there were multiple instances in the past where the hacker returned funds in exchange for a bounty. This way both the parties involved benefit.
Recommended For You:
Indian Crypto Exchange BitBNS’s $7.5M Hack Brought To Light by ZachXBT