Hacker behind $2M crypto heist receives job offer from victim protocol
Crypto liquid restaking protocol Bedrock lost roughly $2 million in a security exploit. In return, the attacker was offered the job of securing the very protocol it stole from.
On Sept. 26, Web3 security firm Dedaub discovered a smart contract vulnerability in multiple uniBTC vaults of Bedrock. According to Dedaub, the bug was disclosed to Bedrock but no action was taken in response to the threat. The security firm added:
“Unfortunately, even though we found the issue in the smart contract several hours before, by the time the team responded, the vulnerability had been exploited.”
The vulnerability was exploited for approximately $2 million loss. However, the attacker had the opportunity to steal up to $75 million from the uniBTC vaults.
Source: Bedrock
On Sept. 27, Bedrock acknowledged the hack and said the protocol is developing a reimbursement plan to recoup investors’ losses. Additionally, Bedrock revealed working “with audit teams and white hats to recover the lost funds.”
Trying a new approach to funds recovery
Moreover, Bedrock also tried to contact the hacker through an onchain message found on the Ethereum blockchain analytics platform, Etherscan.
Bedrock offers a white hat job to the hacker. Source: Etherscan
Bedrock asked the hacker:
“We would like to communicate with you inviting you to become a white hat for the recent incidence. Would you be interested in working with us and making the protocol more secure?”
The hacker was also offered a reward for the $2 million uniBTC vault exploit. However, the hacker had not responded to the message at the time of this writing.
The Bedrock team assured users that the existing funds were safe and committed to unpause staking on uniBTC contracts once the vulnerability was neutralized.
Related: Coinbase-backed Truflation confirms hack, losses estimated to be $5M
Crypto lender Shezmu recently recovered nearly $5 million from a hacker after a successful onchain negotiation.
Negotiating back stolen funds
After confirming that one of its ShezmuUSD (ShezUSD) stablecoin vaults was exploited, Shezmu proactively urged the hacker to return the funds in exchange for a 10% bounty reward with no legal repercussions.
Source: Shezmu
However, the hacker responded to the request by demanding a 20% bounty reward instead of the initial 10% offer, which Shezmu agreed to.
Shezmu’s team negotiates the return of stolen funds with the hacker. Source: Etherscan
After the blockchain discussion, Shezmu began receiving the stolen Dai ( DAI ) tokens in its wallet. The hacker initially returned 282.18 Ether ( ETH ) to the protocol and followed it up with another refund of 137 Wrapped Ether (WETH).
Magazine: Worldcoin fined again! Crypto store clerk runs off with $500K cash: Asia Express
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Token listing: Instantly buy/sell BTC with EUR & BRL via cash conversion!
Bitget users can now instantly buy or sell BTC with EUR or BRL balances via cash conversion! Buy/Sell Crypto Tips: Enjoy a transaction fee rebate in USDT on your first cash conversion transaction! Additional perks >>> Flash Monday: Buy crypto with a credit/debit card for zero fees >>> Flash Thursda
Orbiter Finance collaborates with the Ethereum Foundation and the University of California, Santa Barbara to enhance the security model of bridging p
Since its establishment in 2021, Orbiter has been deeply exploring security, aiming to become a reliable infrastructure in the cross-chain field.
OXTUSDT now launched for futures trading and trading bots
Bitget has launched OXTUSDT for futures trading with a maximum leverage of 25, along with support for futures trading bots, on November 25, 2024 (UTC+8). Welcome to try futures trading via our official website (www.bitget.com) or Bitget APP. OXTUSDT-M perpetual futures: Parameters Details Listing t
Bitget Spot Bot adds CHEEMS/USDT
We are pleased to announce that Bitget spot bot has now added: CHEEMS/USDT. Reference 1. Spot grid 2. Crash course on Spot Grid Disclaimer Despite high growth potential, cryptocurrencies still face high risks and volatility. You are strongly advised to do your own research as you invest at your own