The UwU Lend protocol team is offering a reward of $5 million to anyone who can identify the attacker responsible for a second exploit on the protocol.
In a message sent on June 13, UwU warned the hacker that the deadline to return the stolen funds had passed, and offered the $5 million bounty to the first person who could locate them. The hacker failed to transfer 80% of the stolen funds by the requested deadline of June 12 at 5:00 pm UTC.
The bounty, to be paid in Ether (ETH), will be given out before the funds are recovered or any charges are filed. This announcement was made in response to a second exploit on June 13, where the hacker targeted UwU’s uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, and uUSDT pools, stealing $3.7 million.
Both hacks were traced back to the same hacker wallet address “0x841…21f47,” according to blockchain security firm Cyvers.
The initial attack on June 10 resulted in the loss of $20.3 million due to a price manipulation scheme. UwU then requested the hacker to return 80% of the funds, promising to halt legal action and allowing them to keep the remaining 20%.
Despite the promise, the hacker did not respond and went on to carry out the second exploit just before UwU announced the $5 million bounty. The protocol has already repaid over $9.7 million to victims of the first attack.
Despite losing a total of $24 million, the UWU token is only down 20% to $2.51 over the past week, according to CoinGecko. The token now has a market cap of $22.6 billion.
Since the first industry hack in June 2011, nearly $19 billion in cryptocurrencies have been stolen, as reported by a recent Crystal Intelligence report. In light of these incidents, experts emphasize the importance of protecting crypto assets in a volatile market.