A Bounty Rewarded To Hacker For Returning Stolen Funds To Tender.fi

March 8, 2023

minute read

A bounty of about $97,000, or 6% of the amount of the exploit, was offered as part of an on-chain message.

‍

It has been revealed that the hacker responsible for exploiting the decentralized finance lending platform Tender.fi has returned the stolen funds in exchange for a bounty reward of $97,000 in Ether.

‍

Tender.fi confirmed the incident on Twitter shortly after the exploit was executed at 10:28 am UTC on March 7. The company cited "an unusual amount of borrows" for the exploit and added that it has paused all borrowing until the issue is resolved.

‍

By depositing 1 GMX token, which is valued at around $71, the exploiter was able to borrow $1.59 million worth of assets from the protocol by exploiting a price oracle glitch.

‍

"It appears that your Oracle was misconfigured. Get in touch with me to resolve this," the hacker wrote on-chain.

‍

Within eight hours, the DeFi protocol announced it had reached an agreement with the white hat exploiter, under which the hacker would repay all loans minus a bounty of 62.16 ETH, worth around $97,000 at the current rate.

‍

Approximately one hour later, Tender.fi confirmed via Twitter that the exploiter had repaid the loan in full.

‍

“The funds are officially SaFu, a postmortem will follow soon,” it stated.

‍

There was a campaign in August last year when cross-chain Nomad Bridge appealed to those exploiters who were involved in an exploit that overtook the Nomad Bridge in less than three hours and extracted $190 million in funds from it.

‍

Approximately $32.6 million in funds were already returned just a few hours after the discovery of the exploit, suggesting some of the exploiters were white hat hackers seeking to get funds back for safekeeping in the future.

‍

Towards the end of the month, the nonfungible token firm Metagame even offered a "Whitehat Prize" in the form of an NFT to anyone who could prove that they had repaid at least 90% of the funds that they had stolen from the protocol during the month.

‍

The blockchain data from the Official Nomad Funds Recovery Address shows that funds have continued to be returned to the recovery address since then, with the latest transaction being entered on February 18 for $7,868 in Covalent Query Token (CQT).