Tender.fi Hacker Receives $97K Bounty After Returning Stolen Funds

The hacker who compromised the decentralized finance lending platform Tender.fi has returned the stolen belongings in alternate for a $97,000 Ether bounty. The exploit was carried out at 10:28 UTC on March 7. Tender.fi confirmed the issue shortly thereafter by means of Twitter, reporting “an uncommon quantity of borrows” and noting that it has halted all borrowing.

Evaluation of blockchain knowledge revealed that the person chargeable for the exploit leveraged a value oracle glitch. This allowed them to deposit only one GMX token, valued at roughly $71, and borrow belongings price $1.59 million from the protocol.

In an on-chain message, the hacker wrote that it appeared the oracle was misconfigured and instructed the recipient to contact them to be able to resolve the difficulty.

Eight hours later, the DeFi protocol claimed that it had reached an settlement with the “White Hat” exploiter, whereby the hacker would refund all loans minus a “bounty” of 62.16 ETH, price round $97,000 on the time of writing.

Yet another hour later, Tender.fi tweeted a affirmation that the exploiter had completed repaying the mortgage.

In August of the earlier yr, Nomad Bridge, which operates throughout totally different blockchains, made a plea to these chargeable for a wise contract exploit. This exploit led to the extraction of roughly $190 million from the bridge in beneath three hours.

Inside a number of hours, round $32.6 million price of funds had been returned, indicating that a few of the people behind the exploit might have been white hat hackers trying to retrieve the funds and return them safely at a later time.

In the direction of the top of that month, Metagame, a nonfungible token agency, launched a “Whitehat Prize” within the type of an NFT. This prize was provided to people who may reveal that they’d returned at the least 90% of the funds that have been taken from the protocol through the exploit.