Curve Finance Hacker Returns All Stolen Funds to Alchemix

Alchemix, the lending platform that fell victim to a massive hack on July 30, has announced the return of all stolen funds by the Curve Finance hacker. The attack had resulted in over $61 million worth of cryptocurrencies drained, with Alchemix’s alETH-ETH pool alone losing $13.6 million. The hacker targeted vulnerable versions of the Vyper programming language through reentrancy attacks, affecting several other pools as well, including JPEGd’s pETH-ETH pool with outflows of $11.4 million and Metronome’s sETH-ETH pool drained of over $1.6 million.

The news of the return of stolen funds was met with relief and gratitude by the affected platforms. In a tweet, Alchemix expressed its appreciation, saying, “We would like to thank the Curve Finance exploiter for returning a total of 4,819 $alETH and 2259 $ETH so far. We are looking forward to continued collaboration, resulting in the return of remaining funds.”

The start of the fund return process occurred after the hacker accepted a bug bounty offer initiated by the joint efforts of Curve Finance, Metronome, and Alchemix. On August 3, the three platforms announced an ambitious initiative to recover the stolen funds, offering a 10% bounty of the seized assets as a reward to anyone providing assistance in returning the cryptocurrencies. The announcement also urged the hacker responsible for the exploit to return the remaining 90% of the funds, which would bring the total bounty close to a substantial $7 million.

The crypto community responded positively to the joint initiative, appreciating the cooperative effort to rectify the situation. This approach demonstrated the solidarity and determination of the platforms involved in recovering the stolen funds and protecting their users’ interests.

The hack itself targeted stable pools on the Curve Finance platform, highlighting the need for constant vigilance and security measures within the DeFi space. Reentrancy attacks, a type of exploit in smart contracts, have been a persistent threat in the cryptocurrency world. By taking advantage of vulnerable versions of the Vyper programming language, the hacker was able to drain significant amounts of cryptocurrencies from multiple platforms.

Alchemix, JPEGd, and Metronome have been working diligently to improve their security protocols and address vulnerabilities that were exploited during the attack. Such incidents underscore the importance of conducting regular security audits and implementing best practices to safeguard user funds on DeFi platforms.

Read more:

Join us on Telegram

Follow us on Twitter

Follow us on Facebook

Follow us on Reddit

You might also like