On July 30, Curve Finance, MetronomeDAO, and Alchemix Finance encountered a hack on their decentralized finance (DeFi) platforms, resulting in a loss of approximately $52 million in various tokens, specifically affecting three pools of ETH derivatives from MetronomeDAO, Alchemix Finance, and JPEG’d.
Curve Finance Hacker Receives a Strong On-Chain Warning from DeFi Projects
Following the hack, the three DeFi platforms decided to take a proactive approach to retrieve the stolen funds. They initiated negotiations with the hackers by sending an on-chain message via Ethereum on Thursday. In their message, the trio offered a “10% bounty of any stolen funds” to the exploiters as an incentive for them to return the remaining funds. The idea was to appeal to the hackers’ self-interest while attempting to recover the majority of the stolen assets.
Furthermore, the DeFi platforms issued a subtle warning to the hackers. They threatened that if the hackers declined the white-hat bounty offer, the teams would publicly expand the bounty, providing the same amount to any whistleblower or investigator who could provide proof that would help recover the funds.
This strategy seemed to have yielded some positive results, as at least one exploiter came forward in response to the offer. According to the security auditing firm PeckShield, they detected a transaction sent from an Ethereum address that was identified to have front-run an exploit attempt on JPEG’d. On the day of the hack, several Miner Extractable Value bots (MEV bots) had front-run the hacker’s transaction, diverting the funds that would have otherwise gone to the hacker’s address.
MEV bots are automated programs that scan the Ethereum mempool for lucrative opportunities and execute transactions before others can, thereby profiting from the price movements. In this case, these bots played a role in thwarting the hacker’s attempt and partially recovering some of the stolen assets.
Leave a comment