Loading...

Curve Finance recovers all stolen funds from hacker

Curve Finance recovers all stolen funds from hacker

Most read

Loading Most Ready posts..

TL;DR

  • Curve Finance recovered all $61 million stolen in a recent hack.
  • Alchemix’s pool lost $13.6 million, JPEGd’s pool $11.4 million, and Metronome’s pool $1.6 million in the attack.
  • The recovery followed a bold bug bounty offer: 10% reward for returning 90% of stolen funds.
  • Within a day of the bounty, funds started returning, with full restitution by August 5.

The dark clouds looming over the crypto landscape brightened a shade as Curve Finance, the well-known decentralized finance platform, has experienced a surprising twist.

Only days after a crippling hack wiped out a staggering $61 million, every single digital coin was recovered. But before you pop the champagne, let’s delve into the sequence of events that led to this unexpected U-turn.

The Heist: When Curve Finance Was Dealt a Blow

It was a chilling day for crypto enthusiasts and investors on July 30. Hackers set their eyes on Curve Finance, exploiting the platform’s vulnerabilities related to the Vyper programming language.

These loopholes led to successful reentrancy attacks, facilitating the unauthorized draining of crypto funds. Among the affected, Alchemix’s alETH-ETH pool was hit hard with losses amounting to $13.6 million.

But they weren’t alone in their misfortune. JPEGd’s pETH-ETH pool wasn’t spared either, witnessing a depletion of $11.4 million. To add to the laundry list, Metronome’s sETH-ETH pool experienced a staggering loss of over $1.6 million.

A collective gasp resonated through the community. Could this be the end of the road for these projects? Not quite.

A Bounty to Change the Tide

In the wake of the grim scenario, Curve Finance, along with Alchemix and Metronome, took an audacious step. On August 3, the trio announced a unique proposal directed at the hackers – a bug bounty program.

This wasn’t your run-of-the-mill bounty. The offer? Return 90% of the stolen funds and walk away with a generous 10% as a reward. This means the attacker would pocket a cool $7 million for their “cooperation.” Risky? Definitely. But sometimes, one has to fight fire with fire.

And here’s where things took an unexpected turn. In less than a day following the bounty announcement, funds began trickling back to their original coffers. The hacker returned 4,820.55 Alchemix ETH (alETH) initially. By August 5, every stolen coin was back in its rightful digital wallet.

While it may seem like the hacker had a change of heart, let’s not kid ourselves. An on-chain message from the attacker to the Curve and Alchemix teams laid things out plainly.

The decision to return the funds was not out of fear of being caught but more about not wanting to annihilate the projects. A ‘noble’ act? Hardly.

Furthermore, the JPEG’d team confirmed that they too received a refund, with 5,495 Ether reinstated. The icing on the cake? No legal action will be taken against the hacker. In the words of the JPEG’d team, this entire fiasco will be viewed as a “white-hat rescue.”

While this event unfolded in a rather fortunate manner for Curve Finance and other affected entities, it’s essential to acknowledge the glaring vulnerabilities in the crypto realm.

What’s the lesson here? The DeFi platforms need to up their game. This wasn’t charity or a knight in shining armor rescuing the damsel in distress. It was a calculated move by an individual or group who found it more profitable to return the money than to run with it.

Disclaimer: The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.

Share link:

Jai Hamid

Jai Hamid is a passionate writer with a keen interest in blockchain technology, the global economy, and literature. She dedicates most of her time to exploring the transformative potential of crypto and the dynamics of worldwide economic trends.

Stay on top of crypto news, get daily updates in your inbox

Related News

Cryptopolitan
Subscribe to CryptoPolitan