Sturdy Finance Offers $100,000 Bounty to Attacker who Drained 442 Ether
Decentralized lending protocol Sturdy Finance has taken a bold step in attempting to recover stolen funds by offering a substantial $100,000 bounty to the attacker responsible for draining 442 ether from their platform. In a move to communicate their intentions directly, the Sturdy Finance team sent an on-chain message to the attacker‘s address, extending the offer of the bounty.
The incident occurred on Monday when an unknown individual managed to siphon off approximately $800,000 worth of ether from Sturdy Finance. Sam Forman, the founder of the project, confirmed the situation through a tweet, revealing that his team had reached out to the attacker. The message conveyed the bounty offer, with the stipulation that if the stolen funds were returned to a specified address owned by Sturdy, no criminal charges would be pursued.
Forman’s tweet stated, “We are willing to offer you $100k as a bounty, and will not pursue you further if you send the remaining funds to 0x4e…89F5,” showcasing the potential opportunity for the attacker to avoid legal consequences by complying with the offer.
The security breach occurred as a result of an exploitation of a reentrancy vulnerability in one of Sturdy Finance’s liquidity pools. This vulnerability allowed the attacker to manipulate a price oracle, eventually leading to the unauthorized withdrawal of funds.
Taking swift action in response to the incident, Sturdy Finance promptly suspended all of its markets to prevent any further potential losses. The team assured their users that no additional funds were at risk and emphasized their commitment to thoroughly investigating the platform’s security measures.
It remains to be seen whether the attacker will take up Sturdy Finance’s bounty offer and return the stolen funds. The outcome of this situation will undoubtedly have implications for the security and resilience of decentralized finance platforms moving forward.
Leave a comment