The individual responsible for the $11.6 million hack of decentralized finance (DeFi) platform Prisma Finance claims that it was a “whitehat rescue” and has expressed interest in returning the funds, according to messages recorded on the blockchain.
On March 28, approximately six hours after the attack, the exploiter sent a message from the address “0x2d4…7507a” stating, “Hi, this is a whitehat rescue, who can I contact to refund?” This address had previously been identified as one of the three addresses associated with the attack. Prisma Finance responded about two hours later, instructing the hacker to contact them at [email protected].
The exchange of messages between Prisma Finance and the hacker took place on the blockchain. Source: Etherscan
A “white hat hacker” is someone who uses their hacking skills to identify security vulnerabilities in software code. In the realm of cybersecurity, these experts typically inform the creator of the attack vector rather than exploiting it themselves.
However, in the cryptocurrency industry, it is more common for hackers to exploit the protocol and then demand a white hat bounty in return for immunity. There have also been cases where hackers have returned funds without requesting any reward.
The initial series of malicious transactions occurred at 11:29 am UTC on March 28. Prisma Finance is currently investigating the root cause of the attack.
Blockchain security firm PeckShield estimates that approximately $11.6 million was stolen and sent to three different addresses.
According to blockchain security firm Cyvers, the hacker then proceeded to convert the stolen funds into Ether (ETH). PeckShield later observed that approximately 200 Ether was transferred to the OFAC-sanctioned cryptocurrency mixer Tornado Cash.
Prisma Finance engineers have since suspended the DeFi protocol.
Source: PeckShield
Before the exploit, Prisma Finance had approximately $220 million locked in its protocol. However, following the attack, that figure has dropped to $115 million, according to DeFiLlama.
Total value locked on Prisma Finance. Source: DeFiLlama
Meanwhile, the Prisma Governance Token (PRISMA) experienced a 30% decrease in value, dropping to $0.244 upon the news. However, it has since recovered to $0.289, according to CoinGecko.
Cointelegraph reached out to Prisma Finance for comment but has not received an immediate response.
Related:
An ethical hacker recovers $5.4 million for Curve Finance in the midst of an exploit.
Cryptocurrency hacks continue to impede progress in the DeFi industry.
According to Web3 security firm Immunefi, over $200 million worth of cryptocurrencies have been lost in 32 separate incidents during the first two months of 2024 due to hacks and rug pulls.
A report by Immunefi on December 28 revealed that a total of $1.8 billion was lost to cryptocurrency hacks and scammers in 2023, with 17% of the losses attributed to the North Korean Lazarus Group.
Magazine:
The “SEAL 911” team of white hat hackers has been established to combat real-time crypto hacks.