The hacker behind the $11.6 million exploit of decentralized finance (DeFi) protocol Prisma Finance is claiming it was a “whitehat rescue” and is enquiring about returning the funds, according to on-chain messages.
“Hi, this is a whitehat rescue, who can I contact to refund,” the exploiter said on March 28, around 6 hours after the attack. The message came from the address “0x2d4…7507a” — which was earlier identified as being one of three addresses linked to the attack.
“Please contact us at negotiations@prismafinance.com,” the DeFi firm said in response about two hours later.
A white hat hacker refers to a person who uses their hacking ability to find security vulnerabilities in software code. In the broader cybersecurity world, these security experts often notify the creator of the attack vector rather than exploiting it themselves.
However, in the cryptocurrency industry, it is more common for hackers to exploit the protocol and then ask for a white hat bounty in exchange for immunity, though there have also been cases where they’ve returned funds without asking for any reward.
The first batch of malicious transactions occurred at 11:29 am UTC on March 28. Prisma Finance is still investigating the root cause of the attack.
Blockchain security firm PeckShield estimated about $11.6 million was stolen and sent to three separate addresses.
The hacker then started swapping the stolen funds to Ether (ETH), according to blockchain security firm Cyvers.
Prisma Finance engineers have since halted the DeFi protocol.
Prior to the exploit, Prisma Finance had about $220 million in total value locked on its protocol, but that figure has plummeted to $115 million, according to DeFiLlama.
Meanwhile, the Prisma Governance Token (PRISMA) plummeted 30% to $0.244 on the news but has since rebounded to $0.289, according to CoinGecko.
Cointelegraph reached out to Prisma Finance for comment but did not receive an immediate response.
Related: Ethical hacker retrieves $5.4M for Curve Finance amid exploit
Cryptocurrency hacks continue to hamstring the developments in the DeFi industry.
Over $200 million worth of cryptocurrencies have been lost to hacks and rug pulls across 32 individual incidents over the first two months of 2024, according to Web3 security firm Immunefi.
A total of $1.8 billion was lost to cryptocurrency hacks and scammers in 2023, of which 17% have been attributed to the North Korean Lazarus Group, according to a Dec. 28 report by Immunefi.
Magazine: ‘SEAL 911’ team of white hats formed to fight crypto hacks in real time