The individual responsible for the $11.6 million exploit of Prisma Finance, a decentralized finance (DeFi) protocol, claims that it was a “whitehat rescue” and is now expressing interest in returning the funds, according to on-chain messages.
On March 28, approximately six hours after the attack, the exploiter sent a message from the address “0x2d4…7507a,” which had previously been identified as one of the addresses associated with the attack. The message read, “Hi, this is a whitehat rescue, who can I contact to refund.”
In response, Prisma Finance requested that the hacker get in touch with them at [email protected]. The communication between Prisma Finance and the hacker took place through on-chain messages, as seen on Etherscan.
The term “white hat hacker” refers to individuals who use their hacking skills to identify security vulnerabilities in software code. In the cybersecurity field, these experts typically inform the software's creator of the attack vector rather than exploiting it themselves.
However, in the cryptocurrency industry, it is more common for hackers to exploit the protocol and then request a white hat bounty in exchange for immunity. Nevertheless, there have been instances where hackers returned funds without seeking any reward.
The initial batch of malicious transactions occurred on March 28 at 11:29 am UTC. Prisma Finance is currently investigating the root cause of the attack. According to blockchain security firm PeckShield, approximately $11.6 million was stolen and sent to three different addresses.
Subsequently, the hacker began swapping the stolen funds to Ether (ETH), according to Cyvers, another blockchain security firm. PeckShield later observed that around 200 Ether was transferred to Tornado Cash, a cryptocurrency mixer that is under OFAC sanctions.
As a result, Prisma Finance engineers have temporarily halted the DeFi protocol. Prior to the exploit, the protocol had approximately $220 million in total value locked, but this figure has now dropped to $115 million, according to DeFiLlama.
Following the news, the Prisma Governance Token (PRISMA) experienced a 30% decline to $0.244, but it has since recovered to $0.289, as reported by CoinGecko.
Cointelegraph reached out to Prisma Finance for comment but has not yet received a response.
Cryptocurrency hacks continue to impede the progress of the DeFi industry. In the first two months of 2024, a total of $200 million worth of cryptocurrencies has been lost to hacks and rug pulls across 32 separate incidents, according to Web3 security firm Immunefi.
Furthermore, a report by Immunefi states that in 2023, a total of $1.8 billion was lost to cryptocurrency hacks and scammers, with 17% of the losses attributed to the North Korean Lazarus Group.
In response to these ongoing threats, a team of white hat hackers called “SEAL 911” has been formed to combat crypto hacks in real time.