The hacker who stole $25 million in cryptocurrency from the dForce decentralized finance protocol over the weekend has returned almost all of the stolen assets.
According to data visible on the Ethereum blockchain, starting at 6:00 UTC on Tuesday, multiple transactions were sent from an address labeled "Lendf.Me Hack" to the admin address of the Lendf.Me project.
The unexpected return of funds in numerous transactions with different cryptocurrencies
The transactions included some extremely large amounts, such as one of 57,992 ether (ETH), the native cryptocurrency of the Ethereum blockchain, worth about $10 million at the time of writing.
Further incoming transactions involved various U.S. dollar-pegged stablecoins (USDT, BUSD, TUSD, DAI, USDC, HUSD and PAX) totaling nearly $10 million. In addition, a total of 581 units of WBTC, HBTC and imBTC, Ethereum tokens that are pegged to bitcoin as their underlying collateral, were returned.
Together these are valued at around $4 million at the current bitcoin price. Curiously, the hacker did not return exactly the same asset balances that were stolen, but returned some of the value in other types of tokens.
All in all, the hacker returned crypto assets worth about $24 million at the time of writing. At this stage it is not known why the hacker did not simply return the same assets that had been stolen or, more generally, why the funds were returned at all.
Two possible reasons behind the hacker's choice to return the stolen funds
Although the reason for the unexpected return of the stolen funds is not known for certain, some interesting hypotheses have emerged. Larry Cermak, director of research at The Block, focused on a possible mistake made by the attacker while laundering the proceeds.
In other words, when transferring the stolen Ethereum funds and other crypto assets to decentralized exchanges, the hacker simply used a VPN or proxy server, while more experienced hackers would have secured the transfer using a decentralized network, such as Tor.
This error leaked some metadata, including his IP address, and left open the possibility of tracing his identity through information held by the server operator.
Furthermore, Sergej Kunz, CEO of the 1inch exchange, which was one of the decentralized exchanges used to launder the stolen funds, was willing to discuss the issue openly. Indeed, Kunz's cooperation in this case highlights industry-level cooperation in the fight against hackers.
Regarding the incident, Kunz noted: "He appears to be a good programmer, but an inexperienced hacker." Even though the hacker has returned the stolen crypto assets, considerable damage to the image and reputation of DeFi remains.